Sorry to be a pain Arthur, but I was wondering if you were running iptables, firestarter etc', what your rules were (generally), and what servers you ran, ie smb/mysql/httpd/php/telnet et al. I lost 160gigs of data a few weeks ago and have just finished recovering it, that's why I'm starting to worry again :( Regards.......Kev. --- Arthur Pemberton <dalive@xxxxxxxxxxxxx> wrote: > Kevin wrote: > > >I would be very interested to know how they got in, > if > >you find out please let us know. Some of us might > be > >able to sleep a little easier :) > > > > > Will do. I don't want to spend too much time cring > over spill milk, so I > think I'll just copy /var/log to my desktop and > analyze them there. I > don't think I should go into much forensics on this. > Had the box been > more hardened and they still gotten in, then I would > be more paranoid. > > I intend to make the box ALOT harder next time. I > shouls start recovery > by 1300 hrs. EST > > > > > > > > >>Yah, thanks. I've already found out the name of > the > >>rootkit. I jsut need > >>to find out how it got in. > >> > >> > > > > > >Find local movie times and trailers on Yahoo! > Movies. > >http://au.movies.yahoo.com > > > > > > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: > http://www.redhat.com/mailman/listinfo/fedora-list > Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com
