Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Hacker on my system ?
Re: Hacker on my system ?
This is nowhere near enough. The cracker may have every password from
that system, including sudo passwords or root or SSH keys that are
stored locally, especially those without passphrases. They've been into
the system: even if the rest of the binaries are not corrupted, the
SSHD the cracker installed was doubtless sniffing passwords, and many
old tools such as CVS or many Subversiion clients store passwords
locally in clear text.
You're due for a *LOT* of work. This is a good time to hop from RHEL
3.x to RHEL 4.x or CentOS 4.x, and pursuing it as a policy to prevent
future such cracks.
- » protocol question - issue with exit-status inside unfinished data stream?
- — Newest thread in » Secure Shell Forum