El 2010-11-28 a las 12:14 -0500, Brad Alexander escribió:
(resending to the list)
> On Sun, Nov 28, 2010 at 7:22 AM, Camaleón wrote:
(...)
> > I'm not an expert in linux computer forensics but your logs are
> > displaying scaring information happening in your box. Secunia reports a
> > high impact on affected system ("security bypass, manipulation of data
> > and system access"):
> >
> > http://secunia.com/advisories/42052
> >
> > Maybe is time to perform clean install as Jochen suggested.
> Agreed. Its like viruses in the windows world. As was once said, "nuke
> the site from orbit. It's the only way to be sure."
>
> You are likely to miss an attacker's back door (remember he may have
> many) if you try to "clean" the system. You *must* rebuild and secure
> along the way. Use the latest versions of the configs (you can
> probably back up /etc and other config directories -- but only use the
> old files for reference, don't put them in place en masse).
>
> Once complete, use nmap and nessus to scan the boxes, and only open
> ports that are needed.
>
> --b
Greetings,
--
Camaleón
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20101128215300.ga7...@stt008.linux.site
