[oclug] rooted system
thomas at optix.net
Tue Apr 24 00:32:55 EDT 2001
Have you got a firewall that logs denied packets etc? Looking at the
open network ports and traffic might give you an idea of what is going on.
Is the machine secured and services like dns turned off? There was a
worm a month or so back that affected linux boxes with certain versions
of Bind DNS. Having a secure box with a firewall and updated packages can
usually avoid most problems. Running things like ftp with clear text
passwords might not be a good idea, you mentioned that it was anonymous
only though? If there is sensitive information on the box, i would unplug
the nic asap or at least block all the ports you can till you can re-install.
Thomas Rollins || thomas at optix.net || http://www.optix.net
More information about the OCLUG