Re: [CentOS] CleanLog.h

2007-11-30 Thread Amos Shapira
On 30/11/2007, Alfredo Perez [EMAIL PROTECTED] wrote: Furthermore, this question is for the list. I have a CentOS 5 server running sshd for me to sign on and check my emails. I use denyhosts to protect port 22. Is there any other software you people use to protect your servers? There are a

Re: [CentOS] CleanLog.h

2007-11-30 Thread Amos Shapira
On 30/11/2007, Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894 [EMAIL PROTECTED] wrote: By any chance, have you run 'ps ax' from root and looked to see what does not look like it should be there?? If you are willing, paste your 'ps' output for us to help you find the program that is running and

Re: [CentOS] CleanLog.h

2007-11-30 Thread Alfredo Perez
it. Good Luck. Evans F. Mitchell KD4EFM/AFA2TH/WQFK-894 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alfredo Perez Sent: Friday, November 30, 2007 7:40 AM To: CentOS mailing list Subject: Re: [CentOS] CleanLog.h On Thu

Re: [CentOS] CleanLog.h

2007-11-30 Thread B.J. McClure
On Fri, 2007-11-30 at 12:22 -0500, Alfredo Perez wrote: Hi Can you tell me which virus scan you are using? Thanks Can you share your findings with us? Yes, however this thread will be dead from my end for the next 2 weeks due to travel. I am taking some files from the

RE: [CentOS] CleanLog.h

2007-11-30 Thread Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894
. Mitchell KD4EFM/AFA2TH/WQFK-894 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alfredo Perez Sent: Friday, November 30, 2007 7:40 AM To: CentOS mailing list Subject: Re: [CentOS] CleanLog.h On Thu, Nov 29, 2007 at 04:43:44PM -0600, B.J. McClure wrote

Re: [CentOS] CleanLog.h

2007-11-30 Thread Alfredo Perez
On Thu, Nov 29, 2007 at 04:43:44PM -0600, B.J. McClure wrote: Sad to say one of my file servers was exploited and used to run a Phishing scam. Have identified subject virus amongst other things. It appears twice in a virus scan; /sbin/z (which I assume can just be deleted) and

Re: [CentOS] CleanLog.h

2007-11-30 Thread B.J. McClure
On Fri, 2007-11-30 at 07:40 -0500, Alfredo Perez wrote: On Thu, Nov 29, 2007 at 04:43:44PM -0600, B.J. McClure wrote: Sad to say one of my file servers was exploited and used to run a Phishing scam. Have identified subject virus amongst other things. It appears twice in a virus scan;

Re: [CentOS] CleanLog.h

2007-11-29 Thread Amos Shapira
On 30/11/2007, B.J. McClure [EMAIL PROTECTED] wrote: Sad to say one of my file servers was exploited and used to run a Phishing scam. Have identified subject virus amongst other things. It appears twice in a virus scan; /sbin/z (which I assume can just be deleted) and

Re: [CentOS] CleanLog.h

2007-11-29 Thread Frank Cox
On Thu, 29 Nov 2007 16:43:44 -0600 B.J. McClure [EMAIL PROTECTED] wrote: Sad to say one of my file servers was exploited and used to run a Phishing scam. One of the problems with being r00ted is that you can never be sure that you have found all of the stuff that the bad guy left behind.

Re: [CentOS] CleanLog.h

2007-11-29 Thread Ross S. W. Walker
Find out how they got in and make sure that hole is fixed. Do an rpm verify on all installed packages (excluding configs), reinstall the rpms that fail the verify. Find all binaries that are not accountable in rpm and nuke them. Harden your host with selinux and audit, keep audit logs of all

Re: [CentOS] CleanLog.h

2007-11-29 Thread Amos Shapira
On 30/11/2007, Ross S. W. Walker [EMAIL PROTECTED] wrote: Find out how they got in and make sure that hole is fixed. Do an rpm verify on all installed packages (excluding configs), reinstall the rpms that fail the verify. Find all binaries that are not accountable in rpm and nuke them.

Re: [CentOS] CleanLog.h

2007-11-29 Thread B.J. McClure
On Fri, 2007-11-30 at 12:26 +1100, Amos Shapira wrote: On 30/11/2007, Ross S. W. Walker [EMAIL PROTECTED] wrote: Find out how they got in and make sure that hole is fixed. Do an rpm verify on all installed packages (excluding configs), reinstall the rpms