ssh binary modified
Poul-Henning Kamp
phk at phk.freebsd.dk
Sat Nov 27 13:32:09 UTC 2010
In message <4CF104DD.1050405 at nruns.com>, Jan Muenther writes:
>yeah, that box has been taken over. Now, before you nuke it and
>reinstall from some trusted media, I'd try and give finding out what
>exactly happened a shot. My point is that if they got in through e.g. a
>flaw in a custom web app, just newly setting up the machine and
>resetting the passwords is not going to make it all go away.
And you should seriously consider putting everything you can into
jails, to contain any future damage.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-security
mailing list