Site was closed by the ISP today for the following reason:
[quote]Subject: Eggdrop processes and files in your account [ sadgeezer.com ]

Hello,

We have recently noticed eggdrop processes and files in your account [sadgeezer.com ]. We have temporarily suspended the said account. Please get backto us immediately regarding this issue. As is clear in our TOS, we do not allow these type of files and processes on our servers.

The files in question can be located here:
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/BSG/s1/102/thumb/.bitz

To prevent the executables from being run, we have set the permission to this folder ( .bitz ) to 700 and assigned it to user sadgeez. Also, please note these files uploaded in your account:

/home/sadgeez/public_html/html/modules/My_eGallery/gallery/babi
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/bind.c
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/cr.php
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/eg.tgz
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/p.php
/home/sadgeez/public_html/html/modules/My_eGallery/gallery/up.txt

These are files that are also malicious files and should be removed.

We have temporarily UNSUSPENDED your account. Please ensure that these files are not in your account immediately or we will have to suspend the account again. If you need help in this, please let us know and we will remove the files for you.
[/quote]

Don't even know what an Eggdrop process is, but the .bitz directory was full of stuff. I think it's a sort of IRC bot / IRC client/server or something. Anyway the ISP threw a wobbler and suspended the site until I deleted the files.

Do you guys know anything about this, or was it down to the venezuellan dude?
__________________________