[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hacked, then intrusion detection system

On 3 Feb 2001, John Hasler wrote:

> mgriffa writes:
> > I just realized that someone entered my debian box with cablemodem. I
> > couldn't find anything in the logs,...
> Thereby demonstrating that the author of the script your script-kiddie used
> is not incompetent.
> > ...but the pump package was deleted.
> Why do you consider this proof that you were cracked?

Phisically, noone but me has access to the machine.
And some suspicious entries on the log took place while I was sleeping.

> > I'd like to hear about any advices...
> If you really were cracked (that's _cracked_, not hacked) you must
> reinstall _immediately_.  It is impossible to clean up safely after a
> break-in.  You must also install all security updates and keep them up to
> date.

is there any way to full re-install the system from inside? like apt-get
...... ?

Reply to: