use tcpserver (http://cr.yp.to/ucspi-tcp.html) use ipchains or iptables, put firewalls. check your running daemons for vulnerable versions change it. close unused ports, use alpha numeric/long passwords and after that smile :) hehe.
btw: use secure connection.. like ssh (openssh.org, etc.), ssl.. etc.. tcp.log, your hacker did run a sniffer on your machine, better change all your passwords fast. ty. louie miranda (axishift.ath.cx) ------------------------------------------ Security Is A Series Of Well-Defined Steps chmod -R 0 / ; and smile :) ----- Original Message ----- From: <[EMAIL PROTECTED]> To: "Phil Linux Use Group" <[EMAIL PROTECTED]> Sent: Monday, November 26, 2001 9:03 AM Subject: [plug] I need some help! > > Good day to all Gurus! > > Im just checking my server after a 2 day vacation from work. > I found a file in my root dir "tcp.log". Surprisingly when I viewed the > file it contains all the recent logs of all my users and all their > passwords. My servers has been cracked 2 times already this year after we > changed ISP. I dont know if this has to do with our network structure or > my servers are not that secured. > > I need some help regarding this. If some of you would like to propose > a good server/network security or any method, please let me know. > > My number is 721-24-74 Look for John Paul > > Thank you > > > > > > > > > _ > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED] _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
