Date: Sat, 28 Jul 2001 13:23:06 -0500 From: Jorge Biquez <jbiquez@icsmx.com> To: freebsd-questions@freebsd.org Subject: Re: URGENT - Seems like i've been hacked... what to do now? Message-ID: <5.0.2.1.2.20010728131816.01c8e710@icsmx.com> In-Reply-To: <996298216.3b624de8cf14b@www.ajboggs.com> References: <20010728051328.83415.qmail@web20104.mail.yahoo.com> <20010728051328.83415.qmail@web20104.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Reading this confirms me that I do not know nothing yet.... I have FreeBSD 4.2 running for web services of my own. No one else use or have access to the machine, no other users. But I use telnet as the way to control my machines. If I read correct the last messages I should disable telnetd and use alternatives, like SSH services (btw I remember a discussion a few months ago telling SSH was not the correct way to go either).... What's the best way to stay?. If the path to follow to disable telnetd and have SSH services running, could you please point me to resources of how to implement this? Thanks in advance. JB At 01:30 28/07/01 -0400, you wrote: > > So I should only allow SSH connections? > > > > Is there anyway to see what has been modified since a > > particular date? > > > > -Sameer > >Yes use SSH, there are great terminal apps out there that are >freeware like putty and tera term pro that will allow you to >ssh in from a msft system. > >At least unplug it from the internet for now, so the rest of us >don't have to deal with someone using it to DoS from. :) > >You can always check for files with the find -mtime option, >you can check your wtmp by using "last" and all of that. But >you'd probably be better off just re-installing for now, unless >you want the experience of trying to track down what was done. >If you want to do that, go start reading up on what to do.. but >unplug the NIC. > >Enjoy. > >-Russell > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.2.20010728131816.01c8e710>