Date: Thu, 28 Aug 2003 10:41:59 -0400 From: jahmon <jahmon@jahmon.com> To: freeBSD-security@freebsd.org Subject: compromised server Message-ID: <C779A76E-D965-11D7-A329-000393DED9F6@jahmon.com>
next in thread | raw e-mail | index | archive | help
I have a server that has been compromised. I'm running version 4.6.2 when I do >last this line comes up in the list. shutdown ~ Thu Aug 28 05:22 That was the time the server went down. There seemed to be some configuration changes. Some of the files seemed to revert back to default versions (httpd.conf, resolv.conf) Does anyone have a clue what type of exploit they may have used? Is there anyway I can find out if there are any trojans installed? Thanks jahmon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C779A76E-D965-11D7-A329-000393DED9F6>