On Wed, 2004-01-07 at 12:49, -linux_lad wrote:
It's unlikely that the kernel was exploited. proftpd recently had a well published root exploit that lots of people were victimized by. If you're going to run a server, you must understand that the server will be a target almost from the moment it's exposed to the internet.
1) Do not run services you don't need
2) Do not allow root to login remotely
3) Do not give accounts to anyone unless you trust them
4) Do run tripwire and a rootkit detector
5) DO use a firewall
6) DO follow the advice of the bearded, belted and supendered gurus here suspendered (as in holding up pants)?
-- Ken Schneider unix user since 1989 linux user since 1994 SuSE user since 1998 (5.2)