Results 1 to 8 of 8
Thread: My server got hacked
-
07-23-2005, 03:18 AM #1Web Hosting Guru
- Join Date
- Jan 2005
- Posts
- 268
My server got hacked
hi everyone
i think my server got hacked. I wanna format my OS, should i go ahead move /home dir to backup hdd or using cpanel backup daily before format OS ? Thanks
-
07-23-2005, 03:36 AM #2
Re: My server got hacked
Originally posted by AndyJ
hi everyone
i think my server got hacked. I wanna format my OS, should i go ahead move /home dir to backup hdd or using cpanel backup daily before format OS ? Thanks
If its a restore worthy hack, you can forget about using any and all information you have on your server at the time. This is one of the reasons off site backups are so critical, because if it's ON the server, chances are it can be corrupted again, or that someone's got their fingers in it already, and poisoned the file, giving them a backdoor into your server.Tom Whiting, WHMCS Guru extraordinaire
Linux problems? WHMCS Problems? Give me a shout
Check out my WHMCS Addons
-
07-23-2005, 10:50 AM #3Web Hosting Master
- Join Date
- Oct 2003
- Posts
- 9,264
AndyJ,
Congratulations on your first hack!
I'd highly recommend getting your server auditted or having them perform the restore on your behalf.
Otherwise you're just going to get reowned after restoring.
I'd recommend checking out www.rack911.com - save yourself the trouble of getting reowned afterwards.
-
07-23-2005, 11:40 AM #4Web Hosting Master
- Join Date
- Aug 2003
- Location
- Gods Own Country
- Posts
- 892
Before coming to a conclusion , Always have a Security Admin to check your server ( I mean get it audited ) and then see if the server really needs to be formated and restored
Blessen Cherian
Follow me on twitter.com/blessenonly
Two decade in Web Hosting Industry
-
07-23-2005, 03:33 PM #5Web Hosting Guru
- Join Date
- Jan 2005
- Posts
- 268
yea, thanks all your output,
BTW, how do i do security audit ? i know that there are some command, but dont really know what they are. Thanks
-
07-23-2005, 03:41 PM #6Disabled
- Join Date
- Nov 2003
- Location
- India
- Posts
- 155
Andy, as already suggested by David, take help of some professionals, rack911.com are good with handling these kind of issues, better contact them.
Regards
-
07-23-2005, 06:47 PM #7Retired Moderator
- Join Date
- Mar 2004
- Location
- Singapore
- Posts
- 6,990
I seconded rack911 thelinuxguy, he specialises especially in one time security jobs. Have used his services quite a number of times, very fast and good!
-
07-24-2005, 12:19 AM #8Web Hosting Master
- Join Date
- Aug 2003
- Location
- Gods Own Country
- Posts
- 892
I would suggest you to serach in Google.com with " Linux Server Security Audit " . It will give you articles which are based on Linux Security Audit .
Blessen Cherian
Follow me on twitter.com/blessenonly
Two decade in Web Hosting Industry