[ale] Redhat 6.2
Scott Nolde
smnoldelinux at mediaone.net
Fri Aug 11 17:38:33 EDT 2000
Ken N wrote:
>
> OK - I am a little baffeled, I did some comparing on the fresh redhat box
> in Cleveland and on this one didn't find any problems. All the files where
> the same. Anyway I did take good advice and installed the latest proftpd.
> :)
>
> As far as diggin around in there I did alot of that and can't find sqaut.
> So I don't know, if someone has hacked they have hidden thier tracks
> really well cept for two lame logins? I have no idea...
>
> Thanks
> Ken.
>
Maybe the alleged hacker didn't transfer his goods yet. Have you done a
search for suid root binaries (and install dates)? Check the /dev
directory for anything suspicious. Maybe something will show up...
maybe not.
Are there any extranneous processes running when the server should be up
and running?
- Scott
--
Never do Windows again with | Scott M. Nolde
Linux! No streaks, haze or | smnoldelinux at mediaone.net
glaze! |
5:30pm up 1:22, 2 users, load average: 1.31, 1.15, 1.05
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list