Is this a normal thing to have uncommented in inetd.conf?? I am trying to figure out where an attacker is getting in, nothing shows in the logs whatsover, yet the attacked can server wide deface all index.html's and alike. /usr/sbin/in.ident has a normal wtime of Sept, 1999 which means it wasnt altered... right?
Any ideas? Dave _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
