On Wednesday 28 November 2001 04:05, you wrote: > > I am assuming the box has been cracked, > > Why? Because two log files are empty? > Do you have a strong password for root? > Are you using DF's standard ipchains rules? > If the answers are yes, I'm not convinced. > It's not called Dachstein "Firewall" for > nothing.
Many thanks to all, out of late night laziness (brought on by a 400 mile trip that ended up with this circumstance), I should have compared the ram disk with my exact backup. Nothing has been accessed, nothing has been changed, nothing has been compromised, nothing has been rootkitted here. ~~Sorry for wasting brainpower~~!!! The "hacker/cracker" has been using a prog that exploits im's/pm's in yahoo chat that leaves M$ 9x/ME boxes wide open on the tcp channel. It's the same thing that has plagued AOL for years now. I guess it's just proof that closed-source software doesn't help a thing once again. I just need to remember how _not_ to log certain DENY'ed packets. I start another thread since I can't seem to find anything on the sites or in the archives (though I remember this being discussed a year or two ago.) I feel better now! ~Lynn Avants [EMAIL PROTECTED] _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
