
Re: [cobalt-users] Hacked RaQ3 won't let root do things (Permission denied)



On Tue, 20 Feb 2001, Daniel Foster wrote:

} The problem is this:  About half an hour after the server is rebooted,
} errors start to happen.  Web pages don't display (admserv or normal), and
} logged in as root, trying to do things at the command line gives lots of
} 'Permission denied' errors.  e.g.

Please realize that checking for a root kit is only part of
cleaning up a box. Libraries, non-critical binaries and files can
be, and often are, altered during an exploit; hidden threats of all
nature can easily be installed in such a manner that you might not
notice, and in such a way as to bypass the checks run by something
like chkrootkit.

	Quite simply, if the cracker was good enough you may never
be able to regain control of the server until and unless you do a
full and complete re-install.