[Cialug] Attack troubleshooting?
Tim Wilson
tim_linux at wilson-home.com
Mon Feb 28 22:57:15 CST 2011
As Ken said, disconnect it from your network. I made the mistake of not
disconnecting mine, and the @%$#$%# connected back in and wiped all traces
of his presence. I thought I had locked him out, but he had left another
backdoor that he used.
On Mon, Feb 28, 2011 at 10:49 PM, Zachary Kotlarek <zach at kotlarek.com>wrote:
>
> On Feb 28, 2011, at 10:23 PM, L. V. Lammert wrote:
>
> > Any thoughts on how to isolate the cause? I finally got into the box by
> > playing with the firewall, but don't see any logins or anything untoward
> > in ps.
>
>
> `lsof` or `netstat`would give you a better idea what was using the network.
>
> Zach
>
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
--
Tim
Required reading: http://bccplease.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cialug.org/pipermail/cialug/attachments/20110228/2980878a/attachment.html>
More information about the Cialug
mailing list