One of the first things you need to look at is why you were hacked for the
3rd time. Once I can understand, but after that your system should have
been so tight and your procedures enhanced such that there is likely no 2nd
time, and definitely no 3rd time.
Please read the archives for this list over the last week or so - somebody
else was hacked and there were a lot of good postings about how to prevent
being hacked (you've done a fresh install now and run up2date haven't you?)
and what to do now.
Unless you're very skilled, it's my opinion that you're not going to be able
to catch the hacker unless he's a moron. They've typically got better tools
than you do, and since you've been hacked 3 times in 2 months, it's unlikely
that you're extremely skilled. Any evidence you need to catch the sucker is
probably gone, and there will be enough relays in the middle through
foreign countries that you're not going to catch the sob without a *lot* of
work by somebody who really understands forensic intrusion analysis.
>From a quick google search, it looks like blackjack runs on port 1025.
.../Ed
Ed Wilts
Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
----- Original Message -----
From: "Glen Lee Edwards" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, May 05, 2002 1:13 AM
Subject: Hacked again...
> I was hacked again. This is the 3rd time in a couple of months. The
hacker
> sent himself some emails from my computer with my system info on it. Here
are
> the email addresses he used:
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
> He was able to gain root access and do pretty much whatever he wanted.
What
> steps do I need to take now to turn him in?
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
