> I am not sure what else measures I can take. Can someone please assist? 1) Make a good backup of the hacked system for data archival and forensic analysis. 2) Take the affected system off-line. 3) Check all other systems in your company as they are definitely at high risk. 4) Completely re-format and re-install any and all hacked boxes. 5) Change all passwords everywhere and make sure they are not recycled. Once the baddies got in, they had the chance to install a rootkit. If you inspect your box and do not see a rootkit it just means they did a good job of hacking your box and there is most likely one installed, anyways. Once the baddies get access to your box the game is over. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos