Date: Thu, 17 Nov 2005 10:54:29 -0500 From: Brian Reichert <reichert@numachi.com> To: Mark Jayson Alvarez <jay2xra@yahoo.com> Cc: freebsd-security@freebsd.org Subject: Re: Need urgent help regarding security Message-ID: <20051117155429.GD38047@numachi.com> In-Reply-To: <20051117012552.46503.qmail@web51607.mail.yahoo.com> References: <20051117012552.46503.qmail@web51607.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 16, 2005 at 05:25:52PM -0800, Mark Jayson Alvarez wrote: > Good Day! > > I think we have a serious problem. One of our old > server running FreeBSD 4.9 have been compromised and > is now connected to an ircd server.. > 195.204.1.132.6667 ESTABLISHED I had a 4.9 box compromised though the ssh install (I'm certain it wasn't openssh, but the base install), and was running an irc server itself. I just yanked the box off the net, and scrubbed it flat, and reinstalled. In my case, it wasn't worth the time to track who and when and how; I needed to put the server back on the net. Good luck on chasing them down. Are you sure that effort is worth it to you? > Thanks.. > > > > > __________________________________ > Yahoo! Mail - PC Magazine Editors' Choice 2005 > http://mail.yahoo.com -- Brian Reichert <reichert@numachi.com> 55 Crystal Ave. #286 Daytime number: (603) 434-6842 Derry NH 03038-1725 USA BSD admin/developer at large
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051117155429.GD38047>