Before doing much of anything, you probably want to download a fresh
/bin/rpm and and use it to verify that the packages installed (e.g.,
syslogd) are really what they say they are.
hth,
kf
--
My recommendation: Don't shop at Explorer Micro, Columbus, Ohio.
On Tue, 19 Sep 2000, Kerry Miller wrote:
= Ok, I've taken several of your suggestions about looking at this hacked
= server. Somehow, they've turned off the logging and there are no entries
= in anything under /var/log where you would normally check out the logs.
= How can I restart the logging? I saw syslog in the rc3.d directory but
= haven't gotten past that yet. It looks like they are using his database
= server as a porn web server, and it's getting a LOT of use!
=
= Also, I'll have to plead guilty for 2 things yesterday:
= 1. Asking a question which was answered earlier
= 2. Posting to the list with a blank subject line
=
= I'll start my pennance now... I forgot I was on the digest and it didn't
= put the subject line up there for me. In the mean time, can this stupid
= hacked server be my good deed for the day?
=
= Thanks for the help, if you can tell me how to get the logging back I'll
= see if we can catch this sucker. Whoever set up the machine left the
= hosts.allow and hosts.deny files empty and every service in the world is
= running whether they need it or not.
=
= Thanks,
= Kerry
=
=
=
= _______________________________________________
= Redhat-list mailing list
= [EMAIL PROTECTED]
= https://listman.redhat.com/mailman/listinfo/redhat-list
=
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
