Re: hacked, then intrusion detection system

To: John Hasler <john@dhh.gt.org>
Cc: <mgriffa@fibertel.com.ar>, <debian-user@lists.debian.org>
Subject: Re: hacked, then intrusion detection system
From: <mgriffa@fibertel.com.ar>
Date: Sat, 3 Feb 2001 20:57:10 -0300 (ART)
Message-id: <[🔎] Pine.LNX.4.30.0102032047360.1548-100000@marla.juncal.org>
In-reply-to: <[🔎] 87elxfs821.fsf@toncho.dhh.gt.org>

On 3 Feb 2001, John Hasler wrote:

> mgriffa writes:
> > I just realized that someone entered my debian box with cablemodem. I
> > couldn't find anything in the logs,...
>
> Thereby demonstrating that the author of the script your script-kiddie used
> is not incompetent.
>
> > ...but the pump package was deleted.
>
> Why do you consider this proof that you were cracked?

Phisically, noone but me has access to the machine.
And some suspicious entries on the log took place while I was sleeping.

> > I'd like to hear about any advices...
>
> If you really were cracked (that's _cracked_, not hacked) you must
> reinstall _immediately_.  It is impossible to clean up safely after a
> break-in.  You must also install all security updates and keep them up to
> date.

is there any way to full re-install the system from inside? like apt-get
...... ?

Reply to:

Follow-Ups:
- Re: hacked, then intrusion detection system
  - From: John Hasler <john@dhh.gt.org>

References:
- Re: hacked, then intrusion detection system
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: KDE Sound Problem
Next by Date: Re: hacked, then intrusion detection system
Previous by thread: Re: hacked, then intrusion detection system
Next by thread: Re: hacked, then intrusion detection system
Index(es):
- Date
- Thread