View Single Post
Old 8th December 2009, 09:34
denbert denbert is offline
Join Date: May 2008
Location: Copenhagen
Posts: 46
Thanks: 4
Thanked 3 Times in 3 Posts

Originally Posted by topdog View Post
There must be backdoors left on the system to allow the hacker back in, am sure most of the binaries you use for checking such have been modified by the attacker. If you can run the binaries from removable media then you may be able to cleanup the machine. (The binaries in question would be things like lsmod, ps, w, who netstat, lsof)
Yep - I realize that I'm in a "bad-standing" and therefore I will shutdown the server now and prepare a clean install later.

The worst is that I'm the only one to blame
/ Denbert
Reply With Quote