|
We are using a Netmax Firewall (3.1). We were hacked and it appears that the hacker has placed a script that runs now on the server that tries to hit random IP addresses, looking for SSH access. We have verified that the hacker can not get in again (we hope), and that this SSH traffic can not as well, but the script still runs. Unfortunately we do not have a checksum to verify what files were changed, and have looked at t0rn to make sure that is not the kit used. Does anyone have any suggestions on where to look to try to rectify this?
Matthew
Carpenter, MCP, CNA, A+
|
- Re: Netmax Matthew Carpenter
- Re: Netmax Ron DuFresne
- Re: Netmax Truman Boyes
- Re: Netmax Tony Rall
- RE: Netmax Matthew Carpenter
