I have a Zimbra 8.06 installation on a Centos 6 server.
Yesterday someone has started 3 process on tmp folder with zimbra and has added 2 jobs on crontab.
Could you help to understand how can I secure the server and how they do that?

Thank you very much!