My site has been atacked by a hacker using a method that leaves a directory .BitchX (or something close) in root's home dir. It gets the user/password combination of any user that telnet, ftp or use pop3 to get to the machine (no ssh).
What's the security hole that's being exploited? At first the attacker didn't have the root password. Any help is greatly appreciated. This is urgent... Carlos -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
