Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 08 Jul 2009 09:55:46 -0400
From:      Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
To:        "chris\@darkadsl.ca" <chris@darkadsl.ca>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Hacker problem...Takes down apache?
Message-ID:  <44bpnv2s9p.fsf@lowell-desk.lan>
In-Reply-To: <40db8bb280d58ed7874492a66de0fa86@localhost> (chris@darkadsl.ca's message of "Tue\, 07 Jul 2009 15\:50\:06 -0700")
References:  <40db8bb280d58ed7874492a66de0fa86@localhost>

next in thread | previous in thread | raw e-mail | index | archive | help
"chris@darkadsl.ca" <chris@darkadsl.ca> writes:

> I run a virtual hosting server and one of my clients got hacked (weak
> password in CMS).

Since you know the machine was hacked, you can't trust *anything* on the
machine.  If possible, you should rebuild it.  If a jail was hacked,
replacing that jail may be enough.  You might be able to clean up the
hack by reverse-engineering it, but you'll never be able to be sure you
got everything.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
		http://be-well.ilk.org/~lowell/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44bpnv2s9p.fsf>