Date: Thu, 30 Jul 1998 16:16:43 -0400 From: Jerry Hicks <jhicks@glenatl.glenayre.com> To: "Bob Boone" <bboone@whro.org> Cc: freebsd-stable@FreeBSD.ORG, jhicks@jhicks.glenatl.glenayre.com Subject: Re: Security Issue -- Message-ID: <199807302016.QAA22137@jhicks.glenatl.glenayre.com> In-Reply-To: Your message of "Thu, 30 Jul 1998 15:30:42 EDT." <002e01bdbbf0$8e63eb20$ef63a8c0@wizard.whro.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bob, Sorry to hear about your trouble. I would take it as a break-in. Could be a local user though. I would probably reload the system using a new disk, keeping the old one in its current state. Later, after you have a running system, you can probably retrieve most of your web content from the previous disk. It'll be some work; Be most careful about not bringing over any binary programs and make *sure* to check your cgi-bin files for any tampering. I would probably change most user names and passwords too. (But then I'm paranoid :-) - This list concerns matters important to those who track FreeBSD's -STABLE branch. >From your message you don't seem to be doing that. Sadly, this probably would have helped prevent you from experiencing what might have been a known exploit for 2.2.5. Better Luck, Jerry Hicks jhicks@glenatl.glenayre.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807302016.QAA22137>