I have a RaQ3 used only for development but connected to the Internet
via a static IP and running some legitimate Virtual sites for testing
purposes.
This morning at 10:52 UK time, my RaQ3 was hacked and EVERY file
named INDEX.HTML was replaced with a bogus page from the
" 1i0n Crew and powered by H.U.C".
Many other key files were 'touched' (including passwd, shadow, etc).
I'll have to reload from recovery to guarantee a clean machine. The
machine was essentially trashed.
My questions:
Where in the debris am I likely to find a clue to the IP of the purpetrator?
What specific RaQ3 compatible software would have likely prevented
this?
Ed
_______________________________________________
cobalt-developers mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-developers
