help i've been hacked. :(
Eris Caffee
eris-redhat-list at eldalin.com
Sun Aug 21 15:20:31 UTC 2005
> Okay, so I looked into the /tmp directory and found ./shell.pl and ./.x.
[snip - lots of investigation goodness]
> I also plan to segment the network so that even if the webserver is
> compromised the perp cannot sniff the rest of the network traffic and
> steal passwords/data. At least, that's how I think it would work.
It sounds like you have an excellent handle on things now.
One other thing I would suggest would be that if you install cacti on the
new server you should edit your httpd.conf and restrict access to it and
it's subdirectories to add another layer of protection. Really, anything
that isn't for the general public ought to be restricted, of course.
Eris Caffee
More information about the redhat-list
mailing list