On Wed, 2002-10-23 at 15:37, linux power wrote: > Ok. Then I think I buy a used PC and use it as a > router for my windozes and install a minimum > configuration. >
exactly what I did. The real issue now is in my paranoid mind is that you do not know what sort of stuff has been installed/ modified including the system tools that are normally used to track down these sort of problems. Your logging module for ipchains has been dinked with that we know of and that is really scary unles someone comes back and says hey, that is done by blah blah it is not a problem. Not likey IMHO. Now having said all that, I am assuming that you will still be using this box behind the firewall that you are going to build. I submit that your old machine can still be used in some sort of DDOS attack or scanning since connections to the big bad interent can be made from within the trusted network and your firewall will allow that to happen of course. As was mentioned very early in this discussion, by others before I put my 2cents in, you have NO way of knowing what has changed without some really serious forensic work and that has bee hampered by the lack of intrusion detection software that would of at least have given you a baseline if done correctly. I know it is a pain in the rear, but remember that you may be contributing to the spread of the worm or whatever it is that made in onto your system and causing significant damage to other people's system. I would not want to be responsible for that simply because I was too lazy to go through the hassle of reinstalling and I Hate reinstalling. I did theximian evo thing about a year ago and I have been unable to make myself take the time to redo the mess ximian made because my laptop is my primary computer. Do us all a favor, and pick a rainy weekend and rebuild the hacked box. Bret -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
