Find the answer to your Linux question:
Page 3 of 3 FirstFirst 1 2 3
Results 21 to 23 of 23

Thread: hacked!

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #21
    Linux Newbie
    Join Date
    Jul 2005

    sure, but if the date resembles the date when the problems (or notice) startted...

    it sure isn't foolproof, but it can help you.
    if you didn't updated in a couple of weeks, and the date is from yesterday...
    a bell should rinkle
    Help me getting a Opera licence
    Beginning with debian? -> read THIS!

  2. #22
    Something else you can look at to double check….

    Try looking at your log files, are you missing chuncks of time in logs that should have concurrent entries everyday? This is one good sign that you have been ‘hacked’. Another good way to test is monitor your traffic in and out of that server using a program I found a while back called ‘iftop’. It’s a great tool for watching port connections etc on the machine.

    Everyone in here is correct on what you should do. However an OS Realod of your system is probably the best way to completely clean your system out. There is no telling what the malicious user has placed on your system. There could be ‘time-bombs’ on the sysetm, that you “think” you’ve cleaned the system but the executbles will open another backdoor, if any, and gain root access again.

    Secure your directories next time, harden the machine and keep those punks out.

  3. #23
    Linux Newbie
    Join Date
    Jan 2004
    Belgrade, S&M
    If you want to be absolutely shure about leaving no backdoors you have to reinstall. However, if you can sleep at night knowing you only replaced the bad files i guess it is ok too

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts