Hi, > > my server got hacked on monday I'm pretty sure, files were changed, > rc.local and rc.sysinit were over written. Anyways, is there a way > that I can lock out the system after say 3 unsucessful login attempts? > This would be remotely only, so I can log in at the console to > reenable remote logins? No point. It's quite probable you've been rooted as well. The only safe way to clean it up is replace the hard drive, reinstall and lock everything down as much as you can. Ensure passwords aren't dictionary hackable and that the likes of telnet are closed off. TTFN Paul -- "Look. If you had one shot, one opportunity, to seize everything you ever wanted. One moment to capture or would you just let it slip?" - Marshall Mathers III (Lose Yourself)
Attachment:
signature.asc
Description: This is a digitally signed message part
