OSEC

Subject: Cracked, now what?
From: Mike (mikeIOLO.COM)
Date: Fri Aug 18 2000 - 14:42:43 CDT


Greetings:

I've just discovered my Linux machine has been cracked with some toolkit
named .nfx. It looks like the cracker has created a few accounts, killed
all my logging processes, and altered a few programs (like ps), and added a
few programs like port scanners.

This machine is a file server and doesn't really contain anything
sensitive, or really anything worth stealing. Admittedly, I've been pretty
lax with security because of this. In other words, this isn't an urgent
situation. The system is pretty old and I've been meaning to update it
soon anyway.

Besides being pretty disturbed at the violation, the cracker is using my
machine to port scan other machines. That I feel is my responsibility to
remedy pretty quickly.

Okay. Now what? Is there anything I can do to try to bust this guy before
I just redo the system from scratch? Any suggestions here?

TIA