Re: BIND exploited ?
On Fri, 4 Jan 2002 03:16, Thedore Knab wrote:
> Where do I go from here ?
Buy new hard drives, install them and install the latest version of your
favourite distribution and configure it in a secure fashion. Make sure that
all passwords are different.
Trying to remove root-kits etc might be fun if you're running a "honeypot"
system, but if you are running a business or some other organization that has
aims other than playing with Linux machines then a complete re-install is the
best option. Otherwise you'll just end up playing cat-and-mouse with the
cracker, and they'll probably start randomly deleting data files when they
start losing.
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: