On Fri Nov 26, 1999 at 09:14:30AM +0100, Laurent SEROR wrote:
> Hi,
>
> One of my server has been hacked (Linux RH 5.1). The hacker put a trojan named
>'crund' this is the second time this happen and I believe that it is the same person.
>
> Did someone know it ?
If this is the second time, why after the first time didn't
you upgrade to a newer distribution that does not have all
the known security holes in RH 5.1? Whenever a machine is
compromised, unless you are _really_ good with Linux, you
should back up any data you wish to save and then reinstall.
Without that, you can't be sure everything from the rootkit
the cracker dropped in is fully removed, and even if it was,
the original security hole they used would still be open.
-Erik
--
Erik B. Andersen Web: http://www.xmission.com/~andersen/
email: [EMAIL PROTECTED]
--This message was written using 73% post-consumer electrons--
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
