Dear List, Recently i can't telnet to my linux box. A warning appears. It said that it cannot find /bin/login file. I cannot login through console either. I just can ssh to my box. My Linux box is running Red Hat 7.2 Kernel 2.4.19. I use the box as squid proxy server and Apache web server. What should i do ? Thanks
On Wed, 10 Mar 2004, Kheli wrote:
Dear List,
Hi,
Recently i can't telnet to my linux box. A warning appears. It said that it cannot find /bin/login file. I cannot login through console either. I just can ssh to my box.
by using telnet you are committing suicide, you probably have been cracked
My Linux box is running Red Hat 7.2 Kernel 2.4.19. I use the box as squid proxy server and Apache web server.
funny, this is a suse security list :-) anyway, your rh version is _very_ old, there must be a lot of exploits available, i recommend to update your server to something more recently, like suse 9.0
What should i do ?
backup only your data, and then reinstall everything from scratch. but this time use something new, like suse 9.0 and apply all the available patches. And for christ sake, _NEVER_ use telnet again bye
On Wednesday 10 March 2004 04:09, Kheli wrote:
Recently i can't telnet to my linux box. A warning appears. It said that it cannot find /bin/login file. I cannot login through console either. I just can ssh to my box.
My Linux box is running Red Hat 7.2 Kernel 2.4.19. I use the box as squid proxy server and Apache web server.
What should i do ?
Sorry if I find it funny that you ask on a SuSE security list what you must do about your antique(!) Redhat version which is (very likely) compromised. But that aside, you should seriously consider abandoning the box, i.e. backup your content-files, fully format the disk and install some fresh, recent distribution. Alternatively you can try to install and run Chkrootkit (chkrootkit.org) if you're feeling adventurous. But that won't help getting your box back in a useful state. It can only tell you if your suspicions are probably right (that you have been "owned") or not.
Thanks Good luck
Thank u, I will try to reinstall the box.
On Wednesday 10 March 2004 04:09, Kheli wrote:
Recently i can't telnet to my linux box. A warning appears. It said that it cannot find /bin/login file. I cannot login through console either. I just can ssh to my box.
My Linux box is running Red Hat 7.2 Kernel 2.4.19. I use the box as squid proxy server and Apache web server.
What should i do ?
Sorry if I find it funny that you ask on a SuSE security list what you must do about your antique(!) Redhat version which is (very likely) compromised.
But that aside, you should seriously consider abandoning the box, i.e. backup your content-files, fully format the disk and install some fresh, recent distribution. Alternatively you can try to install and run Chkrootkit (chkrootkit.org) if you're feeling adventurous. But that won't help getting your box back in a useful state. It can only tell you if your suspicions are probably right (that you have been "owned") or not.
Thanks Good luck
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (3)
-
Carlos Manuel Duclos Vergara -
Kheli -
Maarten J H van den Berg