In message <4cf104dd.1050...@nruns.com>, Jan Muenther writes: >yeah, that box has been taken over. Now, before you nuke it and >reinstall from some trusted media, I'd try and give finding out what >exactly happened a shot. My point is that if they got in through e.g. a >flaw in a custom web app, just newly setting up the machine and >resetting the passwords is not going to make it all go away.
And you should seriously consider putting everything you can into jails, to contain any future damage. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
