GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Carrie · 10-07-2002, 06:40 PM

Are you prepared to wipe that box and re-load it?
Most likely they left themselves a backdoor. Hunting down that backdoor could take days, while simply reloading could take a few hours.
When your sysadmin reappears, tell him you want IPChains set up on the box immediately with Logcheck emailing you every 15 minutes (at least) and all non-essential ports closed down.
If you've got telnet on the box, install SSH2 and disable telnet. If you've got anonymous FTP turned on, turn it off.
Change all of your passwords - and then do it again at *least* once a month from here on out.
If you still can't get a hold of your sysadmin, install this until you can: http://www.pointman.org/PMFirewall/
It's got easy instructions and is just as easy to open up a port if you close it by mistake.

Best of luck - and check your logs to find out who these fuckers are so you can fry 'em.

10-07-2002, 06:40 PM
Carrie Confirmed User Join Date: Apr 2002 Location: Virgin - nee Posts: 3,162	Are you prepared to wipe that box and re-load it? Most likely they left themselves a backdoor. Hunting down that backdoor could take days, while simply reloading could take a few hours. When your sysadmin reappears, tell him you want IPChains set up on the box immediately with Logcheck emailing you every 15 minutes (at least) and all non-essential ports closed down. If you've got telnet on the box, install SSH2 and disable telnet. If you've got anonymous FTP turned on, turn it off. Change all of your passwords - and then do it again at least once a month from here on out. If you still can't get a hold of your sysadmin, install this until you can: http://www.pointman.org/PMFirewall/ It's got easy instructions and is just as easy to open up a port if you close it by mistake. Best of luck - and check your logs to find out who these fuckers are so you can fry 'em.