On Fri, 27 Feb 2009 13:32:11 -0800, Jack wrote: > Disagree, if anyone used the root password they had to know what it > was... 27 characters > > It's probable that they got in through a pop3 account on one machine. On "one machine", but what about the other machines? Did they use the same root pw? If not, what services did the machines have in common? > No rootkits found, no trojans or viruses found. chkrootkit and rkhunter may not be sufficient when analyzing the systems. Preferably examine the filesystem read-only mounted, and also do RPM database verification with an external RPM. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines