Re: ssh binary modified

看板FB_security作者時間15年前 (2010/11/27 21:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串4/6 (看更多)
Hello, yeah, that box has been taken over. Now, before you nuke it and reinstall from some trusted media, I'd try and give finding out what exactly happened a shot. My point is that if they got in through e.g. a flaw in a custom web app, just newly setting up the machine and resetting the passwords is not going to make it all go away. You don't have to be a forensics expert to at least have a long good look at the log files. Cheers, Jan _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 jan. 的文章
文章代碼(AID): #1CyGXJLc (FB_security)
更多 jan. 的文章
文章代碼(AID): #1CyGXJLc (FB_security)