View Single Post
  #3  
Old 8th December 2009, 08:34
denbert denbert is offline
Member
 
Join Date: May 2008
Location: Copenhagen
Posts: 46
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by topdog View Post
There must be backdoors left on the system to allow the hacker back in, am sure most of the binaries you use for checking such have been modified by the attacker. If you can run the binaries from removable media then you may be able to cleanup the machine. (The binaries in question would be things like lsmod, ps, w, who netstat, lsof)
Yep - I realize that I'm in a "bad-standing" and therefore I will shutdown the server now and prepare a clean install later.

The worst is that I'm the only one to blame
__________________
/ Denbert
Reply With Quote