might have been hacked?
John Summerfied
debian at herakles.homelinux.org
Fri Dec 30 02:25:21 UTC 2005
Sam Varshavchik wrote:
> Kahn Seidl writes:
>
>> We are running a dns server running bind 8. And also webmin. There were
>
>
> Many versions of bind 8 have known security holes.
>
> Everyone should've upgraded to Bind 9 for at least a couple of years, now.
>
but that's probably not the problem.
Weak webmin passwords are more probable.
I suggest google for "how to" rootkit and look for diagnostic tools from
the results.
However, if someone's been root on your system, the correct response is
to replace it with known good kit and be extremely careful of what you
copy across.
Then, enhance your protection: webmin has long been able to limit the
number of unsuccessful logins, and you can use firewall rules to block
access from the parts of the world you don't want access from.
--
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list
More information about the fedora-list
mailing list