thanks a lot for the tips, man by the way, we normally run 'apt-get update' on this box (weekly), so do I get it correctly that doing so does not actually update the software installed to the current version?
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jimmy Lim Sent: Wednesday, June 18, 2003 3:42 PM To: Philippine Linux Users Group Mailing List Subject: Re: [plug] smb panic On Wed, 18 Jun 2003 15:22:51 +0800 "Revi Sun" <[EMAIL PROTECTED]> wrote: > now that's a scary thought, any suggestions on what steps we should > take? If you're running tripwire or aide be sure that your file integrity is consistent, check all running program inside your box as well as network socket to know if there's a backdoor running. I suggest you reinstall a new linux from a new harddrive and check the logs of your old hdd to know who and how it was compromised. Take note don't format your old hdd to track the finger print leaved by the cracker, and be sure that all running services on your new server is up to date. For more info how to secure your server, read some security issues related to linux and keep updated your program running on it. HTH, -- Jimmy Lim Operation & Support Team Leader Tricom -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
