Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: Need urgent help regarding security
From: Brian Reichert (reichertnumachi.com)
Date: Thu Nov 17 2005 - 09:54:29 CST
On Wed, Nov 16, 2005 at 05:25:52PM -0800, Mark Jayson Alvarez wrote:
> Good Day!
> I think we have a serious problem. One of our old
> server running FreeBSD 4.9 have been compromised and
> is now connected to an ircd server..
> 188.8.131.52.6667 ESTABLISHED
I had a 4.9 box compromised though the ssh install (I'm certain it
wasn't openssh, but the base install), and was running an irc server
I just yanked the box off the net, and scrubbed it flat, and
reinstalled. In my case, it wasn't worth the time to track who and
when and how; I needed to put the server back on the net.
Good luck on chasing them down.
Are you sure that effort is worth it to you?
> Yahoo! Mail - PC Magazine Editors' Choice 2005
Brian Reichert <reichertnumachi.com>
55 Crystal Ave. #286 Daytime number: (603) 434-6842
Derry NH 03038-1725 USA BSD admin/developer at large
freebsd-securityfreebsd.org mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"