Re: OT. Have I been hacked? IRCD?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: OT. Have I been hacked? IRCD?
From: Rich Burroughs <rich@xxxxxxxxxxxx>
Date: Mon, 13 Dec 2004 23:40:37 -0800
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

mark wrote:

I am just trying to figure out if I have to re-install. It look like it. Vulnerability in PHP or PHPBB I think.
I found the perl script in /tmp
Or maybe secure /tmp and take the below steps.
Thoughts on this all?


It's clearly hacker activity.

Beyond closing whatever vulnerability caused this, have you checked to see if the system has been trojaned? It's not perfect, but "rpm -Va" is a quick and dirty way to do it.

A better way is to check using Tripwire or a similar tool, if you installed one.


Rich

Follow-Ups:
- Re: OT. Have I been hacked? IRCD?
  - From: Scot L. Harris

References:
- OT. Have I been hacked? IRCD?
  - From: mark
- Re: OT. Have I been hacked? IRCD?
  - From: Alexander Dalloz
- Re: OT. Have I been hacked? IRCD?
  - From: mark
- Re: OT. Have I been hacked? IRCD?
  - From: mark

Prev by Date: Re: OT. Have I been hacked? IRCD?
Next by Date: FC2 on Toshiba Satellite -- flipping between external projector and LCD corrupts the X display
Previous by thread: Re: OT. Have I been hacked? IRCD?
Next by thread: Re: OT. Have I been hacked? IRCD?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]