Chris Beggy on Wed, 16 Jan 2002 00:00:21 +0100


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Hacked linux server


Mike Pflugfelder <mikep@keyinfosys.com> writes:

> First, how can I go about finding the hole that led me to this problem in the first place.  I suspect that
> it was either bind or ssh that did me in, but I'm not sure, and would really like to know.

Sorry to hear about this.  This sounds awful.  It could have been
wu-ftpd too, if you were running it with less than the latest security fix.

> that I should look into?  Are there any open source products that would be easy enough for someone with
> moderate security knowledge to set up?

tripwire?

> Finally, what web pages / mailing lists should I start looking at for security updates?  I know that I

http://www.cert.org/ is your friend.

Chris

______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug