From owner-freebsd-questions@FreeBSD.ORG Thu Nov 17 03:16:50 2005 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A5A7616A41F for ; Thu, 17 Nov 2005 03:16:50 +0000 (GMT) (envelope-from iaccounts@ibctech.ca) Received: from pearl.ibctech.ca (pearl.ibctech.ca [209.167.58.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11B9D43D49 for ; Thu, 17 Nov 2005 03:16:49 +0000 (GMT) (envelope-from iaccounts@ibctech.ca) Received: (qmail 11515 invoked by uid 1002); 17 Nov 2005 03:17:27 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (spamassassin: 2.64. Clear:RC:1(209.167.16.15):. Processed in 2.717592 secs); 17 Nov 2005 03:17:27 -0000 Received: from unknown (HELO fuze) (209.167.16.15) by pearl.ibctech.ca with SMTP; 17 Nov 2005 03:17:24 -0000 From: "Steve Bertrand" To: "'Mark Jayson Alvarez'" Date: Wed, 16 Nov 2005 22:16:46 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 Thread-Index: AcXrJLBaeDtsCaVcSPiIhFKcy8bZyAAACKvw In-Reply-To: <20051117031119.34476.qmail@web51614.mail.yahoo.com> X-Qmail-Scanner-Message-ID: <113219744567511493@pearl.ibctech.ca> Message-Id: <20051117031649.11B9D43D49@mx1.FreeBSD.org> Cc: 'FreeBSD Questions' Subject: RE: Need urgent help regarding security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Nov 2005 03:16:50 -0000 > Now what I want to do is to just reinstall the whole > operating system and secure it as possible as I can. Like > someone told, its just a waste to try to track it down > because the intruder might be located somewhere on the other > side of the world. They are always on the other side of the world...this is the Internet. If that is your solution, I would recommend reconfiguring your FTP servers DNS entries, and applying another IP to the box,lest you be affected again. However, that won't even fix it, becuase it will just be found again by someone else. Unplugging the box just informs the attacker that you are aware of them. Moving the IP just makes people re-locate you. The solution is make the box accessible to only those who need it...and only the services they need. .02 Steve > > > To others who replied... I will just answer you all one by one... > > Thanks again. > > > > > ________________________________ > > Yahoo! FareChase - Search multiple travel sites in one click. > 3a//farechase.yahoo.com/> >