[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Can't reboot, shutdown, or init 3



Kevin wrote:

Sorry to be a pain Arthur, but I was wondering if you
were running iptables, firestarter etc', what your
rules were (generally), and what servers you ran, ie
smb/mysql/httpd/php/telnet et al.


I lost 160gigs of data a few weeks ago and have just
finished recovering it, that's why I'm starting to
worry again :(

Regards.......Kev.

--- Arthur Pemberton <dalive flashmail com> wrote:


Kevin wrote:



I would be very interested to know how they got in,


if


you find out please let us know. Some of us might


be


able to sleep a little easier :)




Will do. I don't want to spend too much time cring
over spill milk, so I think I'll just copy /var/log to my desktop and
analyze them there. I don't think I should go into much forensics on this.
Had the box been more hardened and they still gotten in, then I would
be more paranoid.


I intend to make the box ALOT harder next time. I
shouls start recovery by 1300 hrs. EST









Yah, thanks. I've already found out the name of


the


rootkit. I jsut need to find out how it got in.




Find local movie times and trailers on Yahoo!


Movies.


http://au.movies.yahoo.com





--
fedora-list mailing list
fedora-list redhat com
To unsubscribe:
http://www.redhat.com/mailman/listinfo/fedora-list




Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com



How about i do a writeup on the whole incident, and post a link to a page on my site, once i get it back up, it too was a victim.

So if there's any other info you'd like me to prodive i'll do so willingly.

Peace


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]