mail server hacked
our mail server is on linux.yesterday when i went it was working fine but when i came back in the morning, it was crashed. all logs messages were empty and when rebooted it says cannot mount /proc/mounts and finally comes to maintenaince mode. now, when i try to open any file it says segmentation fault. all the files in rc.d directory are intact but i cann't understand where the error is.
Thanx in advance
Sounds like it can't read /etc/fstab or /etc/fstab is corrupt...
Did the machine crash? Did all the filesystems come up as they should?
Are you running from maintenece mode? (if you are / is mounted "read-only" and you need to remount it rw... (mount -o remount,rw /dev/hda1) )
Mail server Hacked
no it speaks "Segmentation Fault" for the every file u try to open. df and fdisk ar working fine. mount command doesn't work. it says the same Segmentation Fault.
Boot from a liveCD (gentoo-minimal is great for this - small ISO) and run an fsck on all your filesystems. If that doesn't fix it, whip out your backups and restore the box with a fresh install.
You should not put the box backup if fsck works since it might be comprimised best bet is get the backups and reinstall.
I would guess it is compromised too. Try and boot it up with 'init=/bin/sh'. Then when you get to the sh prompt, run 'init 1', and see if it spews out something about starting the bk daemon. It usually will, since /dev/null is read only at that point, and init is most probably b0rked. This is one of the common ways I find hacks on boxes that won't boot.
Let us know, and good luck.
mail server hacked
thanx friends for all ur posts. i already did the backup and reinstalled the system. if u have more suggestions plz post it here. thanx all of u for ur time.
if i found it how was it done i will share with u all..