[H-GEN] apache2 compromised or just attempts?
Sandra Mansell
fakungabubu at gmail.com
Sun May 28 21:12:34 EDT 2006
Ted Percival wrote:
> Just remember your kernel and iptables binaries could be rooted, too.
> The only safe action is to reinstall the machine from scratch, don't
> forget to use different passwords for your accounts.
Very good advice. This is what we did when we were compromised a couple
of years ago. Time consuming yes, but the only way you'll know you're
clean. (We actually had no choice as our root password was changed by
the intruder.)
Also don't forget to check that your ssh is not accessible by the root
user. This is how we were compromised. I now know not to allow root to
be able to ssh in (was very annoyed that it was allowed by default).
Sandra.
--
fakungabubu at gmail.com
http://photoalbumerator.blogspot.com/
McGee: Are you wishing you were a computer geek?
Tony: I'd rather be homeless than be you, probie.
-- NCIS "Dopplegänger" season 2 episode 12
More information about the General
mailing list