Date: Tue, 21 Apr 1998 04:06:10 GMT
From: aggravator@aggravator.net (tj)
To: freebsd-questions@FreeBSD.ORG
Subject: my freebsd su has been compromised, now what?
Message-ID: <199804210406.EAA17254@hub.freebsd.org>

OK, I admit it, I took the short and easy path: I had an IRC buddy I have known (on the IRC) help me with the DNS setup. Nice, and it works, but he also made himself a backdoor to root. I found the file (or did I?!?) in his home dir w/ the help of one of my ISP providers. My ISP provider then proceeded to question me on if there were any more of these /shx files, and if "my buddy" had modified the login files and other stuff, and if all passwords were being routed to some machine in BFE, and just scary scary stuff.

I guess my question is, how can I repair the damage (if indeed he has done any), or better yet, detect any damage? Or do I have to start over, like my ISP friend recommends (he also has a preference for Linux and Red Hat), and that I start over in Linux?

thanx
newbie learning the hard way,
Tim (tj)
aggravator.net

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message