Re: Hacked - again

From: Tobias Klausmann (klausman-un280403_at_schwarzvogel.de)
Date: 04/28/03


Date: 28 Apr 2003 13:21:25 GMT

Stephen Moore <stephen@skmoore.com> wrote:
> redhat 6.2, they installed
> /etc/initscript
> /usr/bin/initsys
> /usr/bin/updatefs
>
> modified ps, login, ls, netstat and a few other /bin files
>
> hope I have dealt with it.

If "dealing with it" means nothing less than reinstallation from
trusted sources, nothing executable being carried over and a
close audit of all config files, you're right. If not, you can
keep the subject of the article for the soon to come next time.

> I am guessing they got in with a old version of ssh (hoping)
> openssh-clients-2.1.1p1-1.i386.rpm

Oh my....

Greets,
Tobias



Relevant Pages

  • Hacked - again
    ... modified ps, login, ls, netstat and a few other /bin files ... hope I have dealt with it. ... I am guessing they got in with a old version of ssh ...
    (comp.os.linux.security)
  • gnome-terminal -e login
    ... I am pretty new to linux (RedHat 8.0), ... i thought i use 'gnome-terminal -e login' ... Login CRASH ... password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow ...
    (alt.os.linux.redhat)
  • Newbie: login (gdm) and logoff windows in redhat 9
    ... the one thing I miss on my new redhat 9 installation ... after upgrading from 7.3 is the fact that my login ... screen (gdm) has changed to the "bluecurve gdm" and ...
    (RedHat)
  • Newbie: login (gdm) and logoff windows in redhat 9
    ... the one thing I miss on my new redhat 9 installation ... after upgrading from 7.3 is the fact that my login ... screen (gdm) has changed to the "bluecurve gdm" and ...
    (RedHat)
  • Re: Newbie: login (gdm) and logoff windows in redhat 9
    ... > the one thing I miss on my new redhat 9 installation ... > after upgrading from 7.3 is the fact that my login ...
    (RedHat)