Rick Blake wrote:
>
> sounds like you've been had. or your server. Might have been a bind
> exploit, buffer overflow or something, though it's also likely that the
> intrusion occurred in another module and the intruder is making the rest
> of your machine his.
<snip>
> good luck. root hacks suck. this sounds like a root hack.
>
> Rick
Look for some dot files (like .ADMROCKS) in your named data directory,
usually /var/named.
Do a remote portscan of your machine. Look for modified
/etc/ld.so.cache and whatnot.
Good luck,
Josh
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
