Help... I've been hacked!
Chris Janicki
Janicki at ia-inc.com
Tue Mar 27 11:50:12 EST 2001
Hi, I'm brand new to Linux, although I know Solaris. I was working on my
brand new Red Hat 6.2 Linux machine (soon to be my web server, email
server, etc.) when I noticed an email returned to root. It was from
Yahoo, saying that the destination's email box was full. The subject of
the email was my IP address! Knowing that I hadn't sent any email, I did
'grep yahoo /bin/*' and found that email address in login, ps, ls, and
netstat. I've been hacked, right?!
1) What can I do to replace those files? I spent many hours configuring
box, so I don't want to start from scratch.
2) Is there anywhere else I should look for problems?
3) Is there any particular hole in RedHat 6.2 that I need to address.
(It was preconfigured on the machine I bought from Penguin, in December.)
Thanks!
--
Chris Janicki
781-662-9424
Industrious Activities, Inc.
http://www.ia-inc.com
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list