This morning I awoke to my Linux server not responding, and when I went to
the system itself, there were a bunch of PAM *** info lines on the screen
for a username I had never seen... I couldn't log in, and had to just power
down and do a manual fsck when it came back up... (bear with me, there is a
question here) Once the system came back up (after changing all the
passwords of course... ) there was a new user "shlomi" added to the
system, and in the home directory was a program directory, and the tar
file... (bnc2.6.2 bnc2.6.2.tar.gz) My questions are 1). What is
this BNC, and should I worry about what this guy may have done to my system
(everything seems to work fine, but I don't know if he did something
"behind the scenes") 2). How did this guy get in, and what can I do to
avoid these things from happening in the future (I noticed on the screen
when I got to the system one of the PAM's was him being su'd.. NOT
good) And Lastly, where is the log that holds the telnet info so I can
check and see EXACTLY what this guy did... Thank you all in advance for
you help! It is greatly appreciated!
Fred
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list