Kevin wrote:
I would be very interested to know how they got in, ifWill do. I don't want to spend too much time cring over spill milk, so I think I'll just copy /var/log to my desktop and analyze them there. I don't think I should go into much forensics on this. Had the box been more hardened and they still gotten in, then I would be more paranoid.
you find out please let us know. Some of us might be
able to sleep a little easier :)
I intend to make the box ALOT harder next time. I shouls start recovery by 1300 hrs. EST
Yah, thanks. I've already found out the name of the
rootkit. I jsut need to find out how it got in.
Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com
