Date: Mon, 08 Apr 2002 14:12:40 -0500 From: "Todd Reed" <ex279@hotmail.com> To: freebsd-questions@FreeBSD.ORG Subject: Recovering from a Hack Message-ID: <F574koO7bhXfT433nD000005794@hotmail.com>
next in thread | raw e-mail | index | archive | help
I got hit last week by someone/something that has turned my BSDbox into a DDOS attacker (I think). Every two or three days I have to reboot because it starts flooding the network. Once I reboot it, it ges back to working "normal". This is a temp fix for me until I can rebuild it in the next few days, but I was wondering if some of you people could offer some personal advice on building a more secure box. I know the basics (shutdown all unnecessary ports, etc), but what are some issues or tricks that you have used to make it more secure. I would like to get enough responses and compile a list to post on www.freebsddiary.org. Also, if the events were to take place that your box was hacked and the intruder turned it into a DDoS attacker, what would you look at to kill the program? Results from a PS command look normal, but they could have changed the PS file. --Todd _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F574koO7bhXfT433nD000005794>