Indeed a remote exploit in the services is possible, and ofcourse each
service can have a remote exploit...
However, I'd be trying to eliminate the less-uber-cool-hacker possibilities:
a. Bad local user (Bad user! spank him..)
b. SSH remote login using a weak password which was just guessed
("test123". Bad user again!).
Also try to check for root kits...
- Oren
Ori Idan wrote:
A server I managed was hacked by a libian hacker.
The only thing he did was changing the index.html of some web sites.
The server is based on fedora core 2
running:
httpd
sendmail
bind
proftp (through xinetd)
ssh
Any ideas how he could have done it?
What should I do to prevent such hackes in the future?
--
Ori Idan
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
