Hacked?

[Tony Meman]

You should search the logs for weird exit msgs from the daemons. You 
could also look for core dumped files in the file system. If you still 
can't find a good bet would be in Samba (were you running it? which 
version?) and OpenSSL/apache.

--
none

Adam Dewis wrote:
> 
> Doing a complete reeinstall is all good and well, but Installing a
> rootkit means that the cracker used a hole to gain the required
> permissions to do so. Whcih in praticality means that you will need to
> patch the hole as well, unfortunatly I cannot offer  any advice on
> finding the hole, but mayhaps some other security guru on this list may
> be able to steer you in the right direction?
> 
> Adam
>