On 9/11 many of the scripts in /etc/init.d/ got rewritten to zero bytes. This wasn't noticed until a reboot on the next day when so many things suddenly weren't working (no network, no external disk drive or USB connections, etc.). Luckily, copying the scripts from a Debian Live CD got the network and connections running. Then copying the rest from a backup brought the system back. So all was saved with a few hours work. My big question is how the scripts were modified/deleted? No work was done on the system on 9/11 so I can only think I was hacked into or some malicious script was able to run as root. Looking at the logs I can only find the usual suspects trying to insert known-hackable page names into the websites. All show as denied though. There is a hardware firewall running in my router with port forwarding of only the ports used. I changed my passwords to something even longer and more obscure. What other suggestions do you all have for preventing this from happening again?