possibly hacked
Robin Laing
Robin.Laing at drdc-rddc.gc.ca
Thu Nov 16 23:16:34 UTC 2006
Amadeus W. M. wrote:
> On Thu, 16 Nov 2006 10:26:20 -0600, olga wrote:
>
>
>>Hi,
>>
>> I wrote about kernel errors which somebody pointed out was because the
>>server was running out of memory.
>>
>>Now I found the following which makes me think that that server may have
>>been compromized.
snip
> If you can, unplug the network wire (though if they know what they are
> doing, your hard drive might be wiped off when their scripts detect that
> the network is down. It's your call.). Run rpm -V from a rescue cd (not the
> one in /usr/bin) on procps, net-tools, and the other essential system
> utilities (including rpm itself). Then you'll know for sure.
>
Just posting a question in regards to this statement.
How about pulling the plug and fscking the drive using the rescue CD?
Not the best idea but could save a total wipe.
--
Robin Laing
More information about the users
mailing list