Oh boy. I need to recreate some devices but I don't know which ones. Let's say hypothetically (wink wink) I know this idiot who has an old box that he has gotten sloppy about maintaining, yet has a few dependencies on it (like his mothers website). Ohwww.
Let's say he didn't upgrade his ssh on that box a while back when the ssh1 vulnerability was announced. Yes, he knows better. Well he got hacked yesterday. So while he was attempting to clean up and buy some time until he could migrate his stuff to another box, he deleted a few files and directories under /dev/ because the exploit was hiding there. He only remebers for sure about deleteting /dev/.xman and /dev/ida. I'm pretty sure .xman was just the crackers stuff, and /dev/ida has been recreated with MAKEDEV, but did delete a few things with the same timestamp of the time of the attack. Hoewever. After this brilliant move and a courtesy reboot after removing ssh, locking the firewall down further, etc, the external ethernet interface won't start. The error messages form ifup eth1 are SIOCSIFADDR: No such device SIOCSIFNETMASK: No such device SIOCSIFBADADDR: No such device SICOADDRT: No such device So I'm pretty sure some more devices need to be recreated. Does anyone know what ones? Please excuse me while I go beat myself ^H^H^H^H^H him some more. thanks charles p.s. please spare me the flogging. I know what I am doing is wrong, but I'm just trying to buy some time (about 2 weeks). At that time the box will be reformatted and repurposed. _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
