Kevin wrote:
Sorry to be a pain Arthur, but I was wondering if you
were running iptables, firestarter etc', what your
rules were (generally), and what servers you ran, ie
smb/mysql/httpd/php/telnet et al.
I lost 160gigs of data a few weeks ago and have just
finished recovering it, that's why I'm starting to
worry again :(
Regards.......Kev.
--- Arthur Pemberton <dalive@xxxxxxxxxxxxx> wrote:
Kevin wrote:
I would be very interested to know how they got in,
if
you find out please let us know. Some of us might
be
able to sleep a little easier :)
Will do. I don't want to spend too much time cring
over spill milk, so I
think I'll just copy /var/log to my desktop and
analyze them there. I
don't think I should go into much forensics on this.
Had the box been
more hardened and they still gotten in, then I would
be more paranoid.
I intend to make the box ALOT harder next time. I
shouls start recovery
by 1300 hrs. EST
Yah, thanks. I've already found out the name of
the
rootkit. I jsut need
to find out how it got in.
Find local movie times and trailers on Yahoo!
Movies.
http://au.movies.yahoo.com
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe:
http://www.redhat.com/mailman/listinfo/fedora-list
Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com
How about i do a writeup on the whole incident, and post a link to a
page on my site, once i get it back up, it too was a victim.
So if there's any other info you'd like me to prodive i'll do so willingly.
Peace
