On Tue, Jul 03, 2001 at 08:14:29AM +1000, Bevan Broun wrote:
> > any binaries from your current box - data files only. Without something
>
> And data/config files must be checked. No point pointing back nice secure
> binaries if a config file allows something it shouldnt.
>
> You also need to try and identify how the cracker got in. You could rebuild
> and leave the same hole open. Turn off every service in the first instance,
> until you have updated packages. Turn on only what services you need and
> try and restrict these services only to the hosts that you need to serve.
>
> BB
Installing Nessus somewhere and scan your machine after the rebuild will help
with working out how they got in. Just for interest, what distro and version
was it?
--
Stephen Norris [EMAIL PROTECTED]
Farrow Norris Pty Ltd +61 417 243 239
PGP signature
