Re: Proxy server hit... Any ideas?

[Hugo van der Kooij <hvdkooij () vanderkooij org>]

On Mon, 18 Nov 2002, Mike Cain wrote:

> Well, I have had my first run-in with a hacker, or was it a virus? I'm
> not 100% sure.. Guess I should start from the beginning...

....

> From the information provided it seems you may have multiple root kits on 
the system.

If are not absolutely confident in tracking all bits and bolts on this 
system I would advise you either hire someone to do this for you or 
considere the machine a loss and remove it from the net alltogether and 
scratch it's content.

Before you put a new system online make sure you know the system is
secured. Again either acquire the skills yourself or be prepared to pay
for someone who does have them.

Hugo.

-- 
 All email sent to me is bound to the rules described on my homepage.
    hvdkooij () vanderkooij org         http://hvdkooij.xs4all.nl/
            Don't meddle in the affairs of sysadmins,
            for they are subtle and quick to anger.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com