Thanks for all the help and advice offered, next time i get compramised, i know what to do :p also, i will be reinstalling my Linux box very soon!.. i have rm - rf'd the box now, and deleted the partion etc.. i have Windows .NET Enterprise Server running on it for a short time, while i have a play, then i will be reinstalling Red Hat Linux, and hopefully being able to monitor stuff a little better, i am speaking to a few people on the "honeypot" mailing list as to packet sniffing and stuff. I will be contacting the Admins of the box that was used to hack me. My Windows 2000 is the gateway computer, i just left the ftp mapped accross and i knew the ftpd was insecure (silly me) next time i will only have telnet or ssh left mapped accross and irc. Thanks for all the help, it was really appericated I have lots of little tips/tricks and commands noted down :o) - Dan Fry. "To the world you may be one person, but to one person you may be the world" ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 26 2002 - 03:46:25 PDT