Re: Am I Compromised -- Some interesting findings
-----BEGIN PGP SIGNED MESSAGE-----
alex on Friday 25 Nov 2005 22:32 wrote:
> This is a very good analysis and you did a good job at it. But there
> is no future for your server. Right now what you need to do is kill
> it, boot with a boot disk, save all data and configs not without
> checking exactly what youre saving, find out how where you cracked (go
> forensic on your server), reinstall it in a box with a better security
> setup (since the one youre talking about was obviously vulnerable)...
The biggest pain is that these servers are at a remote location and I don't
think my client can afford my physical visit to the site. In simple it
looks like I'll have to do a clean install again.
Ritesh Raj Sarraf
RESEARCHUT -- http://www.researchut.com
Gnupg Key ID: 04F130BC
"Stealing logic from one person is plagiarism, stealing from many is
"Necessity is the mother of invention."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
-----END PGP SIGNATURE-----