On Fri, Feb 27, 2009 at 12:49 PM, Jack Lauman <jlauman@xxxxxxxxxxxxxx> wrote: > On Feb 25, between 1753-2046 PST several of my Fedora Core 9 machines were > compromised. All had the latest patches applied. At this point I would not trust any system binaries such as commands or executable programs you don't recognize. You could try booting with a LiveCD and use find to expose files created recently. Most likely there is a binary somewhere in /usr/bin or /usr/sbin with the sole task of deleting certain files to cover things up. <snip> > Any help on resolving this would be appreciated. I need to get data off > these before re-installation. It would be informative for yourself to find out *how* the break in occurred. You'll need to know how to prevent it once you reinstall. ~af -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
