Hi, After only having my server up for a few hours and to a state that I thought was fairly secure, I got hacked with what I think is a man in the middle attack. Other than turning off ports (telnet, ect.), changing root passwords, and editing the hosts.allow and hosts.deny files, what can I do to secure my server. I noticed that he/she was able to run ipchains and filter through his/her ip. In addition, the he/she was able to mount a filesystem on my machine. I have flushed the ipchains and unmounted the filesystem. Am I missing anything? I have not had my server up for a year. Has the Internet become that bad in one year?
Many thanks, Cate Serino -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
