Trond,
so, if I understand correctly, the compromised server was Fedora +
blue-quartz installed on, not the CentOs+bq (nuonce release)? If it was
default fedora installation, than it's nothing incommon. The news would be
to have fedora installed on busy network (popular web site, ...) and not
have it compromised. Have you discovered how attacker did manage to get in?
Is it related to some BQ package or to service that was running by fedora by
default? That would be really helpfull.
Cheers,
Vlado
----- Original Message -----
From: "Trond Husoe" <tr-huso (at mark) online.no>
To: <coba-e (at mark) bluequartz.org>
Sent: Tuesday, January 10, 2006 12:00 AM
Subject: [coba-e:03788] more hacked
> Hi group,
>
> thanks for the mails I've received. We will most certainly harden the
server, and I think Ken Marcus came up with a good list of things for all
server admins to do.
>
> Since I am not physically near the box and so I can't reinstall fc on it,
I have worked hard to get the binary-files back to standard. This has been
done thanks to an uploadscript in php.
>
> This because wget and ftp doesn't work. If someone can give me some hints
and tips here on what do to, please let me know.
>
> Best regards,
> Trond
>