Ed Kasky wrote:
> Once we cleared all the atributes, we deleted the offending programs and
> re-installed procps. They had changed just about every tool one would use
> to monitor activity including ps, netstat, w, who and a few others...
>
> That was no fun...
>
> Thanks again for the help!!!
On Wed, 26 Dec 2001 22:43:27 -0800
Ed Kasky <[EMAIL PROTECTED]> studiouisly spake these words to ponder:
>
> Thanks for taking the time to respond. Luckily, having a recent backup I
> didn't have to resort to a re-install
hey! congrats. It's good to hear that you got the problem taken care
At 08:26 PM Wednesday, 12/26/2001, daRcmaTTeR wrote -=>
>On Wed, 26 Dec 2001 15:34:47 -0800
>Ed Kasky <[EMAIL PROTECTED]> studiouisly spake these words to ponder:
>
> > We tried runlevel 1 but the file system for hda1 gets mounted as read only
> > for some reaon
> >
> > How does one get around
On Wed, 26 Dec 2001 15:34:47 -0800
Ed Kasky <[EMAIL PROTECTED]> studiouisly spake these words to ponder:
> We tried runlevel 1 but the file system for hda1 gets mounted as read only
> for some reaon
>
> How does one get around that?
>
> Ed
>
> At 03:45 PM Wednesday, 12/26/2001, Mark Weave
On Wednesday 26 December 2001 12:47 pm, you wrote:
> This particular server is running RH 6. They changed /bin/ps to something
> that is totally different than what we had on there before and created a
> hard link so that it can't be deleted or updated until we find the hard
> link. My question
We tried runlevel 1 but the file system for hda1 gets mounted as read only
for some reaon
How does one get around that?
Ed
At 03:45 PM Wednesday, 12/26/2001, Mark Weaver wrote -=>
>have you tried going in at runlevel #1, umount the partition where "ps"
>lives and tried deleting it that wa
At 03:45 PM Wednesday, 12/26/2001, you wrote -=>
>On Wed, 26 Dec 2001 11:47:25 -0800
>Ed Kasky <[EMAIL PROTECTED]> studiouisly spake these words to ponder:
> > hard link so that it can't be deleted or updated until we find the hard
> > link. My question is how do I trace this link so I can delete
On Wed, 26 Dec 2001 11:47:25 -0800
Ed Kasky <[EMAIL PROTECTED]> studiouisly spake these words to ponder:
> What a holiday! Our box that runs our mail server was hacked on Dec. 23
> and we are still trying to clean up the mess...
>
> I know this may be a tad off topic so if you have an answer t
What a holiday! Our box that runs our mail server was hacked on Dec. 23
and we are still trying to clean up the mess...
I know this may be a tad off topic so if you have an answer to this
question, you can always just email me privately. I just thought someone
here might know how to solve th