Mailinglist Archive: opensuse-security (220 mails)

< Previous Next >
Re: [suse-security] Intrusion
  • From: Antun Balaz <antun@xxxxxxxxxxxx>
  • Date: Mon, 24 Nov 2003 16:38:14 +0100 (CET)
  • Message-id: <Pine.LNX.4.44.0311241635180.1975-100000@xxxxxxxxxxxxxxxxxxxx>

Unfortunately,
I have 100+ users, my server is mail and web server, so it is impossible
to just disconnect it and install from scratch. Besides, all security
pathes were allready applied, so this will not help me, or I am mistaken?

Any other suggestions?

Thanks,
Antun

-------------------------------------------
Antun Balaz
http://www.phy.bg.ac.yu/~antun/

Institute of Physics, Belgrade
Serbia and Montenegro
http://www.phy.bg.ac.yu/
-------------------------------------------


On Mon, 24 Nov 2003, Togan Muftuoglu wrote:

> * Antun Balaz; <antun@xxxxxxxxxxxx> on 24 Nov, 2003 wrote:
> >
> >Hi to all,
> >it seems that I have a serious problem, although I updated my SuSE 8.1
> >server quite recently (all security updates were applied).
> >
> >I have two questions:
> >
> >1) What to do right now to prevent any misconduct of my server?
>
> Immediately disconnect the machine from the Internet
>
> >2) How to clean up the server?
>
> Make a clean install from scratch and make sure before putting it back
> to the net all patches are applied either use fou4suse or YOU to
> automate the process.
>
> HTH
> --
>
> Togan Muftuoglu
> Unofficial SuSE FAQ Maintainer
> http://susefaq.sf.net
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>
>



< Previous Next >
Follow Ups
References