On Monday 02 June 2003 19:03, Robert Schelander wrote:
i've checked the whole thing
- initsys is really part of rootkit - all my firewall rules were down - chkrootkit finds inetd infected, and detects a hidden process... reports an LKM my smb.conf: hosts deny = ALL EXCEPT ip1.ip2.255.255 whatever this strange syntax means it doesn't look good :) - syslogd was modified that it doesn't log anything - crontab did not work
so I have to install everything from scratch....
any hints are welcome to make my new system better. i need it as an apache webserver with ssh for administration and proftpd for uploads. a friend told me to use openbsd since it's more secure than linux. I don't know whether this is true, but at the moment I've too less experience with other OS to take anything other than linux for servers.
thanks for your help robert
First, disconnect the machine from the network/internet. I do not remember, but did you describe your box? What version of software, updates and patches applied? firewall rules (or, for you, I would suggest using one of SuSE's firewall scripts). For suggestions to be made there needs to be a basis. Also, if you are only using this for Apache and ftp then you should do a fairly minimal install. No X/KDE/etc. Why are you using Samba? Again, it should not be installed if you only need Apache and ftp. If you need to transfer files then you can use ftp and then move them around through your ssh connection. Jim