BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

System cracked, a story

Subject: System cracked, a story
From: bill at billhorne.homelinux.org (Bill Horne)
Date: Sun, 25 May 2003 23:37:24 -0400
In-reply-to: <200305260032.h4Q0Wg6m015484@TheWorld.com>; from sweetser@TheWorld.com on Sun, May 25, 2003 at 08:33:03PM -0400
References: <200305260032.h4Q0Wg6m015484@TheWorld.com>

On Sun, May 25, 2003 at 08:33:03PM -0400, Doug Sweetser wrote:
[snip]
> Last Sunday, someone with a root kit was able to replace my
> /etc/passwd file.  

[snip]
> The intruder wasted my time, but no data was lost.  If people have
> other ideas about stopping root kits, I'd like to know.

[snip]

I suggest a wipe of the HD, and a reinstall of the OS from known good media.
Once it's running the way you want, but BEFORE it's connected to the net, 
install Tripwire.

HTH.

Bill Horne

Follow-Ups:
- System cracked, a story
  - From: david at thekramers.net (David Kramer)
- System cracked, a story
  - From: jjohnson at sunrise-linux.com (miah)

References:
- System cracked, a story
  - From: sweetser at TheWorld.com (Doug Sweetser)

Prev by Date: Has anyone used PuTTY and OpenSSH?
Next by Date: Comcast and cable modems
Previous by thread: System cracked, a story
Next by thread: System cracked, a story
Index(es):
- Date
- Thread

Boston Linux & Unix / webmaster@blu.org