Andrew McGlashan writes > Thomas Krichel wrote: > >chattr -sia /bin/ps ; scp r...@nebka:/usr/bin/ps /usr/bin/ps ; sudo apt-get > >-y install --reinstall procps > > So, in effect, did you possibly give away your root password or pass > phrase key for the netbka machine?
Yup. After killing the "dropbear" process. > I wouldn't be that trusting, I wouldn't be either, but what is man to do who is not a security expert to do? > you already know you were compromised > -- best to re-install clean if you ask me. yeah, but I have no physical access to the infected box and must keep its data. I reinstalled all the packages. psutils was the one that got aptitude stymied. Cheers, Thomas Krichel http://openlib.org/home/krichel http://authorclaim.org/profile/pkr1 skype: thomaskrichel -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
