Re: Possible comprommission, what to do ?

To: debian-user@lists.debian.org
Subject: Re: Possible comprommission, what to do ?
From: Erwan David <erwan@rail.eu.org>
Date: Thu, 13 Nov 2014 10:22:04 +0100
Message-id: <[🔎] 20141113092204.GI2981@rail.eu.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20141113061823.5718d3d6@ron.cerrocora.org>
References: <[🔎] 20141113085748.GH2981@rail.eu.org> <[🔎] 20141113061823.5718d3d6@ron.cerrocora.org>

On Thu, Nov 13, 2014 at 10:18:23AM CET, Renaud OLGIATI <renaud@olgiati-in-paraguay.org> said:
> On Thu, 13 Nov 2014 09:57:48 +0100
> Erwan David <erwan@rail.eu.org> wrote:
> 
> > 	I just got a call form police, that they have arrested a
> > pirate who "tried" to connect to one of my (debian) servers. They tell
> > me he is gifted, but since the policewoman I had one phone mixes
> > server, web site and email address, it may not be completely accurate.
> > 
> > However, I'd prefer be sure my server was not compromised, and at the
> > lower possibe cost (in time and work). Is there a way to check the
> > packages/installed files from outside sources (I may boot a fresh live
> > system in order to have clean utilities), or even provoke a reinstall
> > with a new download of the whole system ?
> 
> Have you run rkhunter (or similar) to check if a root-kit has been installed ?
>  
> Cheers,
>  
> Ron.

No, not yet.

I'll check if it is on the live boot.

Reply to:

References:
- Possible comprommission, what to do ?
  - From: Erwan David <erwan@rail.eu.org>
- Re: Possible comprommission, what to do ?
  - From: Renaud (Ron) OLGIATI <renaud@olgiati-in-paraguay.org>

Prev by Date: Re: Possible comprommission, what to do ?
Next by Date: Re: Unable to start kvm virtual machines after re-install of "testing"
Previous by thread: Re: Possible comprommission, what to do ?
Next by thread: Re: Possible comprommission, what to do ?
Index(es):
- Date
- Thread