Mailinglist Archive: opensuse (3644 mails)

< Previous Next >
Re: [SLE] possible intrusion need Urgent help
  • From: Doug McGarrett <dougmack@xxxxxxxxxx>
  • Date: Thu, 28 Feb 2002 19:12:31 -0500
  • Message-id: <200203010012.g210CetK006138@xxxxxxxxxxxxxxxx>
At 08:29 02/28/2002 -0500, zentara wrote:
On Wed, 27 Feb 2002 18:00:29 -0800 (PST)
MindBender <ephlodur@xxxxxxxxxxxxxx> wrote:

Please need help badly.....
I'm a fraid that my Linux have been compromise
BTW I have firewall2 with ip_tables

If you feel that you may have been cracked, then your
only solution is to reinstall. You can never be sure
just patching up your current system.

Your real problem is where the problem came from.
Password protect your lilo.
Disable the cdrom &floppy boot and password protect the bios.
Stop running things as root.

Most hacks come from people you know, accessing your
console when you don't suspect it.

/snip/

Q1: How do you password protect LILO? Why should you have
to do this, unless you have a saboteur on site? Oh, I
guess I see: you are assuming someone has physical access.
Q2: If you disable cdrom & floppy boot, and you have trouble,
aren't you up the creek?

--doug


< Previous Next >
Follow Ups