Re: How do I fix this?
M A wrote:
Details thats all the ISP gave me,
Surely there must be a way to detect this is happening, or the source of it,
I have since removed all my secondary IP's,
Does IPtables need to have rules for all my secondary Ips?
I have no details of your situation, but I'd suspect that you had an
insecure web service running, and the phisher broke in using that.
Iptables can't protect you from that.
Did you keep your software up-to-date, including the insecure PHP
scripts that you're probably running?
Mr. Sanchez is right. A format and reinstall is appropriate, but you
probably first want to look through your log files to see how the
intruder got in. If you format and then reinstall the same vulnerable
software, you'll be back where you started soon.