lighting---hacked!

From: Clayton D. Strand (cdstrand@lazotech.com)
Date: 05/08/02


From: Clayton D. Strand <cdstrand@lazotech.com>
Date: Wed, 08 May 2002 15:40:39 GMT

Our server (www.lazotech.com) got hacked. Someone put a program on it
to change the root password then installed a program called
BOGUS.root.h2aC which evidently replaced our named. I can't get into
the system, the command "passwd" from a rescue disk does not work, as
the actual password files were deleted from the system.

Is there a convenient fix, or am I hosed, if I understand the
technical term correctly?

Regards,

Dave
cdstrand@lazotech.com
http://www.cdstrand.com



Relevant Pages

  • Re: recovering root password, was Help!Help!Help!
    ... > I need to know how to change or eliminate a root password. ... > and eliminated our online site, and all our data we have spent two ... > compalints our from our ISP that our server was trying to agressively ... make another backup of your test server. ...
    (freebsd-questions)
  • Re: System Intrustion Detection
    ... be sure your root password is 'strong'. ... configure your ssh daemon to only support public key ... server, the other goes to the remote system and is used to authenticate ... built in to your sshd daemon). ...
    (freebsd-questions)
  • mysqladmin wont work
    ... of this server so I have no idea what the password could be. ... I was thinking to override the previous root password so I checked the ... Passwords may be assigned from the command line by using the mysqladmin ... connect to server at 'localhost' failed ...
    (freebsd-questions)
  • Re: lighting---hacked!
    ... > Our server got hacked. ... > to change the root password then installed a program called ... > the actual password files were deleted from the system. ... > Is there a convenient fix, or am I hosed, if I understand the ...
    (comp.os.linux.security)
  • Re: lighting---hacked!
    ... >> to change the root password then installed a program called ... >(The 1517 ports scanned but not shown below are in state: ... >Port State Service ... That is what we were using for a mail server before we put ...
    (comp.os.linux.security)