Date: Wed, 16 Nov 2005 19:11:19 -0800 (PST) From: Mark Jayson Alvarez <jay2xra@yahoo.com> To: kalin mintchev <kalin@el.net>, Steve Bertrand <iaccounts@ibctech.ca> Cc: 'FreeBSD Questions' <questions@freebsd.org>, 'Mark Jayson Alvarez' <jay2xra@yahoo.com> Subject: RE: Need urgent help regarding security Message-ID: <20051117031119.34476.qmail@web51614.mail.yahoo.com> In-Reply-To: <51190.68.165.89.71.1132194943.squirrel@mail.el.net>
next in thread | previous in thread | raw e-mail | index | archive | help
First, I want to thank you all for replying. For now what I just did is to just pulled the utp cable from its ethernet port. Now, no one can access it. However I tried once to put it back and then the ircd connection went up silently. It is confirmed that we are running "psybnc" like what someone who replied has experienced too, installed in a folder(" pnybnc") inside etc that is named with a special character... hard to get inside, but we've managed to read some files using find and grep... The chat logs are still there.. seems like it has been turned into a sex chatroom.. also the config of psybnc which contains the username/password the intruder used in connecting...
Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world.
To others who replied... I will just answer you all one by one...
Thanks again.
---------------------------------
Yahoo! FareChase - Search multiple travel sites in one click.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051117031119.34476.qmail>