compromised server

jahmon jahmon at jahmon.com
Thu Aug 28 07:42:04 PDT 2003


I have a server that has been compromised.
I'm running version 4.6.2.
When I do

 >last

this line comes up in the list.
shutdown         ~                         Thu Aug 28 05:22
That was the time the server went down.
There seemed to be some configuration changes.
Some of the files seemed to revert back to default versions
(httpd.conf, resolv.conf).

Does anyone have a clue what type of exploit they may have used?
Is there any way I can find out if there are any trojans installed?

Thanks

jahmon


