Also I would use SWATCH to monitor log files and notify you of attacks. I
use this to watch my FTP server logs because of all the attacks I get on
my FTP server, and it sends an email to my Alpha Pager with a clip of the
log that matches its trigger. Also, making sure you are up to date on all
updates is the BEST thing you can do to be secure.
-John
> Did you happen to check your logs and see how/when they may have gotten
> in?
> If you have no need for services, why not shut down all non-essential
> daemons to prevent this in the future. Also, you could install tripwire or
> a similar product to identify any would-be intruder. The only application I
> could see to the cooker list might be that they could include some more
> security products in their release, IDS type stuff. If this kid found a
> new exploit you should ask him about it so you can report it to Mandrake...
>
> good luck,
> Tim
>
>
> > Hi
> >
> > This was not pleasant. Basically I had four installations on my
> > hard drive. Mdk 7.2, a cooker and a cooker with hdreiserfs and a debian.
> > Common to all these was a partition called the garage where I had my
> > mirrors of all the systems. This was meant to be a security as only root
> > could access /mnt/garage.
> >
> > I observed that I could not chown a file to the user and got suspicious.
> > I rebooted into debian and the same thing happened.
> >
> > So I have now formatted everything and started fresh. The only thing I
> > had was the three startdisks for debian so that was the first to enter.
> > I got a network.img for mdk7.2 and got it installed, but was too
> > restrictive and have no update icon.
> >
> > My problem is that the 'update files' are so many and I don't want to do
> > that from within mdk7.2, when not secure. I suspect I will have to
> > install a cdwriter and download the iso-images, as they have md5sums.
> >
> > For the future I would like every file to be accompanied by that.
> >
> > What is the best way or most secure one? I suspect the intruder to be a
> > student from the local highschool, so we are on the same LAN.
> >
> > regards
> > guran
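
The kind of log watching John describes (a trigger pattern matched against FTP server log lines, with the matching clip mailed to a pager), sketched in Python as an added example; it is not from the thread and is not SWATCH itself. The log lines, trigger patterns, addresses and the five-minute throttle are constructed assumptions.

```python
import re
from datetime import datetime, timedelta
from email.message import EmailMessage

# Constructed sample lines in a syslog-like FTP daemon format (not from the thread).
SAMPLE_LOG = """\
Jan 17 03:12:01 host ftpd[411]: FTP LOGIN FROM 192.0.2.7 [192.0.2.7], guran
Jan 17 03:12:40 host ftpd[412]: failed login from 198.51.100.23 [198.51.100.23], root
Jan 17 03:12:44 host ftpd[412]: failed login from 198.51.100.23 [198.51.100.23], admin
Jan 17 03:19:02 host ftpd[415]: failed login from 198.51.100.23 [198.51.100.23], test
Jan 17 03:19:30 host ftpd[416]: refused connect from 203.0.113.9
""".splitlines()

# Hypothetical triggers: (name, pattern with a named 'src' group).
TRIGGERS = [
    ("ftp-failed-login", re.compile(r"failed login from (?P<src>\S+)")),
    ("ftp-refused", re.compile(r"refused connect from (?P<src>\S+)")),
]
THROTTLE = timedelta(minutes=5)  # suppress repeats of the same trigger+source

def scan(lines, year=2001):
    """Return (trigger, source, clip) alerts, throttled per trigger+source."""
    last_sent, alerts = {}, []
    for line in lines:
        # Syslog timestamps carry no year, so one is assumed by the caller.
        stamp = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
        for name, pattern in TRIGGERS:
            m = pattern.search(line)
            if not m:
                continue
            key = (name, m["src"])
            if key in last_sent and stamp - last_sent[key] < THROTTLE:
                continue  # this source already alerted inside the window
            last_sent[key] = stamp
            alerts.append((name, m["src"], line))
    return alerts

def to_email(alert, sender="swatch@example.org", pager="pager@example.org"):
    """Build (not send) the notification; the body is the matching log clip."""
    name, src, clip = alert
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, pager
    msg["Subject"] = f"[{name}] {src}"
    msg.set_content(clip)
    return msg

if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(to_email(a)["Subject"])
```

Without the throttle, a password-guessing run would send one page per attempt; with it, the second failed login four seconds after the first is suppressed and the one six minutes later pages again.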