here is a good quicky guide to get started in your investigation:
http://www.cert.org/tech_tips/root_compromise.html
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign [EMAIL PROTECTED]
X - NO HTML/RTF in e-mail http://www.curious.org/
/ \ - NO Word docs in e-mail "This quote is false." -anon
On Mon, 15 Jan 2001, Walt wrote:
> I just traveled to the Philippine Islands for
> nearly 3 weeks. (Sidenote: foreign computer
> situation in that country is uh... interesting :-)
>
> Upon returning, I was going to check some
> of my log files and discovered my entire /var/log
> directory was missing. Everything seems to
> working fine (except cron which has started
> functioning again after I recreated the log folder),
> I haven't inspected many config files as yet, but
> I've found no files deleted, my web page has not
> been changed, no files stored in the ftp directory.
>
> My question is: Is there some other explanation
> as to how the entire directory was deleted, other
> than that my computer was hacked?
>
> Thanks!
> Walt
>
> -~
>
> When we are planning for posterity, we ought to remember that
> virtue is not hereditary.
> Thomas Paine
>
>
> _______________________________________________
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk
>
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
