On Wed, Apr 27, 2005 at 03:20:08PM +0200, Håkan Persson wrote: > >Were there any interesting files in the users' home directories? (Look for > >hidden files too, of course -- maybe a hidden directory named ... or > >something.) Also check in /tmp and /var. And any luck with the > >.bash_history? (For both the users and for root....) > I have installed and use this stuff, http://www.rootkit.nl/, but it has > never found any vulnerabilities (which probably does mean anything...) Clearly the people who broke into this system found something. I'm interested to learn _what_. -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> Current office temperature: 80 degrees Fahrenheit.
