i did nothing ....:-( i am trying to see the /etc/rc3.d/ directory if the cracker has tried to install some scripts
arvind ----- Original Message ----- From: "Shridhar Daithankar" <[EMAIL PROTECTED]> To: "Linux India" <[EMAIL PROTECTED]> Sent: Friday, May 03, 2002 2:17 PM Subject: Re: [LIH] Re: could i have been hacked? > On 3 May 2002 at 16:38, Suresh Ramasubramanian wrote: > > > 1024/tcp open kdm > > why the hell do you want to run X on a production server? shut down X .. > > I thought X runs on port 6000/6001. Sounds suspicious to me.. > > Did you do a netstat -ltp on server, assuming your netstat binary is sane? > > Shridhar > > _______________________________________________________________ > > Have big pipes? SourceForge.net is looking for download mirrors. We supply > the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] > _______________________________________________ > linux-india-help mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/linux-india-help _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
