RE: Hacked too?
still, I think that one of the first things you should do with your hacked
systems is unplug the network cable. the majority of hacks these days are
for stepping stones, they don't necessarily care about the data on your PC,
but will have other PCs from your. I don't think you really want the FBI
knocking on your door after they findout that your home PC has been banging
on their network .. :P
> -----Original Message-----
> From: martin f krafft [mailto:madduck@madduck.net]
> Sent: January 11, 2002 2:34 PM
> To: debian-security@lists.debian.org
> Subject: Re: Hacked too?
>
>
> also sprach éÇÏÒØ âÁÌÕÓÏ× <balusov@rambler.ru>
> [2002.01.11.2316 +0100]:
> > I have run chkrootkit and get
> > "Checking `bindshell'... INFECTED (PORTS: 31337)"
> > What I need to do?
>
> reinstall. no, really! unless this is a non-productive
> system, in which
> case you are free to try to remove it. but once you have a cracked
> system, you can't take anything for granted, you can't even trust your
> keyboard anymore. and everytime you use SSH or telnet or
> whatever, your
> password is probably going straight to the hacker. so all the systems
> you SSH into are possibly also hacked. let's hope you don't root-login
> remotely anywhere!
>
> --
> martin; (greetings from the heart of the sun.)
> \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
>
> f u cn rd ths, u cn gt a nce jb in th prgrmng indstry
>
Reply to: