[lug] Ancient RH box hacked, which packages must be updated?
Bear Giles
bgiles at coyotesong.com
Thu Mar 25 17:20:18 MST 2004
My company is in the process of migrating from an ancient RH
server to a current RHE or Debian box, but in the meanwhile
somebody has hacked our box. Does anyone know which packages
*must* be updated because of known exploits, or should we consider
it a lost cause and put all of our effort into migrating to the
new platform?
I'm not even sure which version of RH we're running - maybe 6?
BTW, what we're seeing is a rogue process masquerading as 'httpd'
that sits on port 17900 and a second random high port.
Bear
More information about the LUG
mailing list