LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-15-2004, 04:34 PM   #1
ScooterB
Member
 
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344

Rep: Reputation: 31
Angry I was hacked!!! Make sure you're not!!


Well, it finally happened to me. I have a small email server running RH9, Vexira, and now SpamAssassin. Well, I had visited a windoze site around the first of the year and had been getting spam and viruses. I tolerated it for awhile hoping they would just go away. My anti-virus software did it's job beautifully. Only thing was at that time I didn't have SpamAssassin running and much to my demise, I had too many ports open. I guess that shows my "greenness". I went in and put all the folks that I could get addresses off of and put them in the access db and used "REJECT". Bad choice! I found out that when you reject a message this way it sends a rejection message back to the sender. Well, it didn't take them long. In less than 24 hours my server was down. Evidently, I had hacked them off. We found that they had deleted the boot partition and the entire grub loader. Lesson learned. I obtained the aid of a local peer and we had the server back up within 24 hours. Not too bad. But now, I have all ports closed except 25 and 110. I also have iptables set up and functioning. Now I also have SpamAssassin up and running. I hope that it is pretty locked up, but I know that someone can always find a way if they try hard enough. I would like to thank everyone who has posted on here because I gleaned alot of info from your info and help. I was the hero today! Thanks again to all of you and I love this site!!!!!!!!!
 
Old 01-15-2004, 04:57 PM   #2
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 470Reputation: 470Reputation: 470Reputation: 470Reputation: 470
Bad luck and well done

Have you checked unSpawn's how to in the Linux - Security forum? It may give you more ideas.
 
Old 01-15-2004, 05:02 PM   #3
ScooterB
Member
 
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344

Original Poster
Rep: Reputation: 31
No, not yet. I will probably be checking it out shortly though. Thanks for the info. Funny thing though, after all of this I have a feeling of satisfaction because I have begun to understand what I am doing in Linux. If this was windoze I would just have to feel lucky.
 
Old 01-15-2004, 05:04 PM   #4
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 470Reputation: 470Reputation: 470Reputation: 470Reputation: 470
And that's why we love Linux. In a purely platonic way.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacked or not? knutove1728 Linux - Security 3 11-21-2004 09:04 PM
How to make rule for make install and make uninstall melinda_sayang Programming 1 06-14-2004 05:58 AM
i think i've been hacked! safil Linux - Security 7 11-02-2003 10:16 AM
make dep,make clean,make bzImage problem Babba Linux - Newbie 2 01-08-2003 03:49 AM
I've been hacked... now what do I do? cgchris99 Linux - Security 6 12-11-2001 04:50 PM


All times are GMT -5. The time now is 06:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration