On Sat, Mar 12, 2005 at 12:55:35AM -0600, Henry Tang wrote:
Nope, i don't think i am. I am running 7.3 which is a discontinued product. I am working on SuSE 9.2 now ^.^ I think it'll be much more secure than 7.3.
Umm OK, good, but don't turn the machine iff if you plan on trying to save any data gtom it for analysis. The other guy who replied said to get it off , and I agree, pull the network cable, but DON'T turn it off, reboots can often lead to rm -rf / which is added in so if the machine is powered down it can.
Allen wrote:
On Fri, Mar 11, 2005 at 12:57:14AM -0600, Henry Tang wrote:
What i need to know now is what else can i do to find how this person hacked into my system. I checked message logs and mail logs and i found the date and time the email was sent out, but I dunno if the log files got cleaned or not. What other logs can i look into?
If you're rooted they can not only delete logs but forge them. Meaning the holes where the log has been deleted can be forged so that it appears nothing happened.
Again, were you updated with alls ecurity patches?
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com