Ed Wilts writes: >One of the first things you need to look at is why you were hacked for the >3rd time. Once I can understand, but after that your system should have >been so tight and your procedures enhanced such that there is likely no 2nd >time, and definitely no 3rd time. > >Please read the archives for this list over the last week or so - somebody >else was hacked and there were a lot of good postings about how to prevent >being hacked (you've done a fresh install now and run up2date haven't you?) >and what to do now. > >Unless you're very skilled, it's my opinion that you're not going to be able >to catch the hacker unless he's a moron. They've typically got better tools >than you do, and since you've been hacked 3 times in 2 months, it's unlikely >that you're extremely skilled. Any evidence you need to catch the sucker is >probably gone, and there will be enough relays in the middle through >foreign countries that you're not going to catch the sob without a *lot* of >work by somebody who really understands forensic intrusion analysis.
The first time I was hacked it was on a remote box I was leasing. I discontinued the lease on it. The hacker then found my home system and got into my 6.1 box. I then wiped it clean and did a fresh install of 6.2, which he immediately hacked. Thanks to the good folks at the Rule Project I just installed 7.2 on it. This time I emailed the root password to the hacker. Might as well save him some effort. You're right. I'm a RH Linux end user, not a geek. I don't have the tools/experience to track him down, find out how he got in, and plug the holes. I just install what Red Hat sends and hope it works. Have you tried Krispy Kreme yet? We've been out there a couple of times, but the wait is so long that we've given up. Glen Brooklyn Park, MN _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
