Re: ssh binary modified
In message <4CF104DD.1050405@nruns.com>, Jan Muenther writes:
>yeah, that box has been taken over. Now, before you nuke it and
>reinstall from some trusted media, I'd try and give finding out what
>exactly happened a shot. My point is that if they got in through e.g. a
>flaw in a custom web app, just newly setting up the machine and
>resetting the passwords is not going to make it all go away.
And you should seriously consider putting everything you can into
jails, to contain any future damage.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 6 之 6 篇):