[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hacked, then intrusion detection system

mgriffa writes:
> I just realized that someone entered my debian box with cablemodem. I
> couldn't find anything in the logs,...

Thereby demonstrating that the author of the script your script-kiddie used
is not incompetent.

> ...but the pump package was deleted.

Why do you consider this proof that you were cracked?

> I'd like to hear about any advices...

If you really were cracked (that's _cracked_, not hacked) you must
reinstall _immediately_.  It is impossible to clean up safely after a
break-in.  You must also install all security updates and keep them up to
John Hasler
Dancing Horse Hill
Elmwood, Wisconsin

Reply to: