> > Last night my host sent out a message that their database had been > > compromised. I contacted them this morning and it turns out that all > > of their trouble tickets were exposed. I checked my records and > > (stupidly) I had included my root password in an email to them about a > > year ago. I (stupidly) hadn't changed the password since. I've > > changed it now and rebooted the system, but what do you think? Do I > > need to start this thing over? > > > > - Grant > > I think you should take a look at the programs that > are running, and netstat -l, and see if anything is fishy.
I recognize everything in 'ps -ef' I think, but I've never really used netstat before. Under "Active Internet connections" I don't recognize: tcp localhost:10030 tcp *:snpp I don't recognize most of the paths under UNIX domain sockets. Anything particular I should look for? - Grant -- [EMAIL PROTECTED] mailing list
