Subject: Re: Was I hacked?
From: Charles Stevenson (csteven@terraplex.com)
Date: Thu Aug 17 2000 - 16:22:16 MDT
On Fri, 18 Aug 2000, you wrote:
> Lastly, if you are hacked it is generally a good idea to reinstall. Assume
> that your cracker
> has placed dozens of backdoors and password sniffers on your system. You
> may find one
> of his goodies, but that certainly doesn't mean that you've shut him/her
> down and out.
I would also recommend the reinstall. Prevention is the best policy. I try
not to run any services that I don't use. Filter any ports that you have
services on so that only authorized addresses can connect. Anonymous FTP with
a writeable incoming dir is something one should definitely stay away from.
Nmap is a good port scanner you can run on your system to determine what ports
are open and decide what should be filtered. Tripwire is a good method of
checking what files get modified so if you are vulnerable (ie online with high
bandwidth) I would install that as well.
Best of luck,
Charles
> Regards,
> Dan
>
> Terra Soft Solutions, Inc.
> http://www.terrasoftsolutions.com/
>
> Yellow Dog Linux
> "The Ultimate Companion for a Dedicated Server"
> http://www.yellowdoglinux.com/
>
> Black Lab Linux
> Advanced Workstations, Parallel, and Embedded Solutions
> http://www.blacklablinux.com/
-- Terra Soft Solutions, Inc. http://www.terrasoftsolutions.com/Yellow Dog Linux "The Ultimate Companion for a Dedicated Server" http://www.yellowdoglinux.com/
Black Lab Linux Advanced Workstations, Parallel, and Embedded Solutions http://www.blacklablinux.com/
This archive was generated by hypermail 2a24 : Thu Aug 17 2000 - 16:47:32 MDT