> I am not sure what else measures I can take. Can someone please assist? 1) Make a good backup of the hacked system for data archival and forensic analysis. 2) Take the affected system off-line. 3) Check all other systems in your company as they are definitely at high risk. 4) Completely re-format and re-install any and all hacked boxes. 5) Change all passwords everywhere and make sure they are not recycled. Once the baddies got in, they had the chance to install a rootkit. If you inspect your box and do not see a rootkit it just means they did a good job of hacking your box and there is most likely one installed, anyways. Once the baddies get access to your box the game is over. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: server is always getting hacked
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: "'CentOS mailing list'" <centos@xxxxxxxxxx>
- Subject: Re: server is always getting hacked
- From: "Geoff Galitz" <geoff@xxxxxxxxxx>
- Date: Sun, 28 Jun 2009 21:54:32 +0200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <144088.69440.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- References: <1cbd6f830906271221l771f83acp98505f246c12617e@xxxxxxxxxxxxxx> <144088.69440.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Thread-index: Acn4EFoBDwkn7VfxRuqqYN/okFtKKQAGPX1g
- Follow-Ups:
- Re: server is always getting hacked
- From: John R Pierce
- Re: server is always getting hacked
- References:
- server is always getting hacked
- From: Mag Gam
- Re: server is always getting hacked
- From: Linux Advocate
- server is always getting hacked
- Prev by Date: Re: server is always getting hacked
- Next by Date: Re: server is always getting hacked
- Previous by thread: Re: server is always getting hacked
- Next by thread: Re: server is always getting hacked
- Index(es):
 |