>
> Since this was your puppet server, you might also want to check to see if
> the intrusion has spread to your other machines, it's possible the attacker
> didn't notice or that the attack was fully automated, but you should read
> through the puppet configs and see if there are any commands being
> distributed to the other machines that you didn't put there. You don't
> want to play whack-a-mole chasing this out of your system, you want to get
> it all in one shot.
Thanks, I'm doing this now!
Tim
On Sat, Oct 4, 2014 at 11:14 AM, Mark Tinberg <mark.tinberg@xxxxxxxx> wrote:
> Since this was your puppet server, you might also want to check to see if
> the intrusion has spread to your other machines, it's possible the attacker
> didn't notice or that the attack was fully automated, but you should read
> through the puppet configs and see if there are any commands being
> distributed to the other machines that you didn't put there. You don't
> want to play whack-a-mole chasing this out of your system, you want to get
> it all in one shot.
>
> —
> Mark Tinberg
> mark.tinberg@xxxxxxxx
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
