compromised server

From: jahmon (jahmon_at_jahmon.com)
Date: 08/28/03

  • Next message: Guy P.: "Re: compromised server" 
    Date: Thu, 28 Aug 2003 10:41:59 -0400
To: freeBSD-security@freebsd.org

    I have a server that has been compromised.
    I'm running version 4.6.2
    when I do

    >last

    this line comes up in the list.
    shutdown ~ Thu Aug 28 05:22
    That was the time the server went down.
    There seemed to be some configuration changes.
    Some of the files seemed to revert back to default versions
    (httpd.conf, resolv.conf)

    Does anyone have a clue what type of exploit they may have used?
    Is there anyway I can find out if there are any trojans installed?

    Thanks

    jahmon

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Guy P.: "Re: compromised server"

    Relevant Pages

    • Re: Next openSUSE
      ... You apparently have absolutely no clue to what you are talking about. ... server I can connect to, ... If you talk about pictures on a website, ... Keeping the originals is also possible with a database. ...
      (alt.os.linux.suse)
    • Re: 2.6.10-rc3-mm1-V0.33-04 (private thread?)
      ... On Sunday 19 December 2004 08:56, Gene Heskett wrote: ... >from the server, but I am also getting delayed by a day, bounce ... > middle of an amanda run yesterday moring after an uptime of about ... So I have no clue. ...
      (Linux-Kernel)
    • Re: martin piers nicholson is a troll
      ... reason why some people use Google groups. ... Try finding a clue, have a ganger at for some of the many real ... reasons that any intelligent person would avoid Google Groups, ... an odd message might be in order, such as when a nntp server ...
      (uk.rec.models.rail)
    • Re: mysql-server 4.0 not working?
      ... > need help getting it running on 5.2.1 after installing I can't get it to connect to server don't have a clue why either?? ... To unsubscribe, ...
      (freebsd-current)
    • Re: What are you people using to download multipart binaries?
      ... >administer the servers you see as a free means to get your daily fix of ... Has any clue as to the history of the forum. ... admining YOUR server. ... You're a Usenet dope. ...
      (alt.os.linux.suse)