Re: Hacking RH 6.2

["Mohamedou" <mohamedou bits mr>]

Hi,

 

Yes of course I have formatted the hd.

The machine couldnt work correctly after the hacking.

DNS was not correct, I couldnt start linuxconf because of the bad setting of TERMINAL. Furthermore all of my Email accounts data have been lost.

 

 

----- Original Message -----

From: Weston Rogers

To: redhat-install-list redhat com

Sent: Wednesday, March 28, 2001 8:55 PM

Subject: Re: Hacking RH 6.2

Have you reformatted the machine after you have figured out your box got rooted? Also, make sure you use the security tools from www.psionic.com  they are exellent and even easier to setup.  Also, depending on your environment you may want your mail / dns servers seperate, OR make the machine multi-homed (two nic cards)  if you are a business with a LAN and a WAN. 

 

Make sure you use TCP wrappers, NO telnet NO anon ftp (no ftp for that matter, ) Install SSH2 from www.ssh.com (free for commercial use) and that comes with SFTP server for secure ftp transfer if needed.  Also install just your basic server , no X , nothing but exactly what you need and download and install binarys for what you intend on run ****LATEST****  versions of BIND and use www.postfix.org or www.qmail.org instead of sendmail. 

 

I can go on and on....email me if you need specific help.

 

 

----- Original Message -----

From: Mohamedou

To: redhat-install-list redhat com

Sent: Wednesday, March 28, 2001 11:58 AM

Subject: Hacking RH 6.2

Hello all,

 

My Server has been  hacked 2 times and now probably third times.

I am using RH 6.2 Mail and DNS are on the same machine.

The hacker has let no tacks behind himself.

How can I proceed to prevent this.

Really I dont need to let Linux and go otherwise.

 

Thnx

 

Moh