Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

System cracked, a story



On Sun, May 25, 2003 at 08:33:03PM -0400, Doug Sweetser wrote:
[snip]
> Last Sunday, someone with a root kit was able to replace my
> /etc/passwd file.  

[snip]
> The intruder wasted my time, but no data was lost.  If people have
> other ideas about stopping root kits, I'd like to know.

[snip]

I suggest a wipe of the HD, and a reinstall of the OS from known good media.
Once it's running the way you want, but BEFORE it's connected to the net, 
install Tripwire.

HTH.

Bill Horne




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org