I appear to be attacking others




Chris Mauritz wrote:
> Lots of good advice.  I'd also check for rootkits.  There are a couple 
> of "rootkit checkers" available.  You just download the source and 
> compile/execute them.  I've used this one with some success to de-louse 
> a friend's game server:
> 
> http://www.chkrootkit.org/

That would be a very dumb rootkit if one was installed on the server, as
the offending processes could be found with "ps" and "ls" showed the
directory and the files in there. Yes, one can never know *if* a rootkit
was installed, but I don't think so in this case.

But as always: If possible - rebuild the machine from scratch. If you
cannot do that, *monitor* the machine closely for suspect traffic. If
possible from another clean machine on the same network.

> It's also a good practice to disconnect a suspect machine from the net 
> and do your hacking from the console if you suspect it's been burgled.  
> That way, it's not actively hosing other people while you're 
> troubleshooting the problem.

Yes.

> That is...unless you've got the skills to track the burglar back to
> their hideout.....

Which probably is just another cracked machine. The last time I did that
the tracks got lost somewhere in Malaysia.

Ralph
-- 
Ralph Angenendt......ra@xxxxxxxxxxxx | .."Text processing has made it possible
Bayerischer Rundfunk...80300 München | ....to right-justify any idea, even one
Programmbereich.Bayern 3, Jugend und | .which cannot be justified on any other
Multimedia.........Tl:089.5900.16023 | ..........grounds." -- J. Finnegan, USC
