Originally posted by sehe the question still remains, how did they get in?
what forums you use adapter?
They can get in through anything, from forums to improperly coded php scripts, to, well, you get the idea.
The first thing to do as Steve said is update the kernel, then you can find out what's causing what.
WHMCS Guru - WHMCS addons, management, support and more. WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!
Originally posted by linux-tech The first thing to do as Steve said is update the kernel, then you can find out what's causing what.
why would one want to upgrade kernel on a hacked machine which will be reinstalled anyway? The new "empty" box adapter got should be upgraded, thats right, but the old one? Beside the old one is probably already disconnected from the net, or should be. I also dont think that kernel has a remote exploitable vulnerability itself. Like you said the point of intrusion might be a script or some other software.