Sam Varshavchik wrote:
Kahn Seidl writes:
We are running a dns server running bind 8. And also webmin. There were
Many versions of bind 8 have known security holes.
Everyone should've upgraded to Bind 9 for at least a couple of years, now.
but that's probably not the problem.
Weak webmin passwords are more probable.
I suggest google for "how to" rootkit and look for diagnostic tools from
the results.
However, if someone's been root on your system, the correct response is
to replace it with known good kit and be extremely careful of what you
copy across.
Then, enhance your protection: webmin has long been able to limit the
number of unsuccessful logins, and you can use firewall rules to block
access from the parts of the world you don't want access from.
--
Cheers
John
-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list