Mailinglist Archive: opensuse (4749 mails)
| < Previous | Next > |
Re: [SLE] Has someone hacked my server? Has someone gotten root onmy machine?
- From: Jon Clausen <=dsl23212@xxxxxxxxxxxxxxxx>
- Date: Fri, 2 May 2003 12:21:40 +0200
- Message-id: <20030502102139.GB1392@xxxxxxxxxx>
On Fri, May 02, 2003 at 11:39:19AM +0200, Dan Eskildsen wrote:
> Thanks all for the help.
>
> Can I ask one really dumb question? How can I check where the other
> machines on the network (win2k machines) have been cracked?
With all the noise in your linux-box's logs, and the fact that your W$-boxes
are exposed to the 'net'... I would personally just assume that they
*were*...
I have no idea how to check that on any kind of windows, but in any case you
stand little or no chance of 'cleaning' up infected systems. I'd suggest
something like this:
1: Get all the machines off the net
2: Backup your data
3: Build a dedicated firewall of whatever Pentium-class hardware you have
and install LEAF/Bering on it:
http://leaf.sourceforge.net/mod.php?mod=userpage&menu=904&page_id=21
4: Reinstall *all* your machines
5: Return to normal
It may seem a little harsh, but well... ;)
> Regards from Denmark,
Tak :)
HTH
Jon Clausen
P.S. Please trim the quotes... (deleted ~70 lines just now)
--
If we can't be free, at least we can be cheap!
> Thanks all for the help.
>
> Can I ask one really dumb question? How can I check where the other
> machines on the network (win2k machines) have been cracked?
With all the noise in your linux-box's logs, and the fact that your W$-boxes
are exposed to the 'net'... I would personally just assume that they
*were*...
I have no idea how to check that on any kind of windows, but in any case you
stand little or no chance of 'cleaning' up infected systems. I'd suggest
something like this:
1: Get all the machines off the net
2: Backup your data
3: Build a dedicated firewall of whatever Pentium-class hardware you have
and install LEAF/Bering on it:
http://leaf.sourceforge.net/mod.php?mod=userpage&menu=904&page_id=21
4: Reinstall *all* your machines
5: Return to normal
It may seem a little harsh, but well... ;)
> Regards from Denmark,
Tak :)
HTH
Jon Clausen
P.S. Please trim the quotes... (deleted ~70 lines just now)
--
If we can't be free, at least we can be cheap!
| < Previous | Next > |