> > Last night my host sent out a message that their database had been > > compromised. I contacted them this morning and it turns out that all > > of their trouble tickets were exposed. I checked my records and > > (stupidly) I had included my root password in an email to them about a > > year ago. I (stupidly) hadn't changed the password since. I've > > changed it now and rebooted the system, but what do you think? Do I > > need to start this thing over? > > equery check sys-process/procps > equery check sys-apps/coreutils
These check out. > Make sure that none of the executable files have changed. > > Also, emerge and run app-forensics/rkhunter chkrootkit reports no problems whatsoever which is actually kind of weird as I remember some things being reported last time I ran it, but I looked into them then and they weren't a problem. rkhunter reports no problems but it says it couldn't determine the OS so MD5 checks were skipped. - Grant -- [EMAIL PROTECTED] mailing list
