[TriLUG] attack
cate serino
cms2945 at garnet.acns.fsu.edu
Tue Feb 22 21:43:20 EST 2005
Hi,
After only having my server up for a few hours and to a state that I
thought was fairly secure, I got hacked with what I think is a man in the
middle attack. Other than turning off ports (telnet, ect.), changing
root passwords, and editing the hosts.allow and hosts.deny files, what
can I do to secure my server. I noticed that he/she was able to run
ipchains and filter through his/her ip. In addition, the he/she was able
to mount a filesystem on my machine. I have flushed the ipchains and
unmounted the filesystem. Am I missing anything? I have not had my
server up for a year. Has the Internet become that bad in one year?
Many thanks,
Cate Serino
More information about the TriLUG
mailing list