View Single Post
  #4  
Old 2nd January 2007, 18:32
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

Quote:
Originally Posted by lubod
Since both these seemingly false routes and entries in hosts.deny blocking some of the same addresses like 192.168.31.2 appeared at the same time, is it likely it was hacked?
You should check that: http://www.howtoforge.com/faq/1_38_en.html

Quote:
Originally Posted by lubod
and installed portsentry to guard against attempts at hacking
It's possible that these routes are created by Portsentry. Can you disable it and reboot the system (make sure Portsentry doesn't start automatically at boot time).

Quote:
Originally Posted by lubod
Output of ls -la /etc/network/if-up.d
What's in each of the files?

Quote:
Originally Posted by lubod
I guess in your next question is about /etc/network/interfaces, because there is no networking in /etc.
Yes, right.

What's in /etc/iptables.up.rules?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote