Re: server is always getting hacked

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




> I am not sure what else measures I can take. Can someone please assist?


1) Make a good backup of the hacked system for data archival and forensic
analysis.
2) Take the affected system off-line.
3) Check all other systems in your company as they are definitely at high
risk.
4) Completely re-format and re-install any and all hacked boxes.
5) Change all passwords everywhere and make sure they are not recycled.

Once the baddies got in, they had the chance to install a rootkit.  If you
inspect your box and do not see a rootkit it just means they did a good job
of hacking your box and there is most likely one installed, anyways.

Once the baddies get access to your box the game is over.

-geoff


---------------------------------
Geoff Galitz
Blankenheim NRW, Germany
http://www.galitz.org/
http://german-way.com/blog/



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux