[Gllug] My firewall is rooted
Stephen Harker
steve at pauken.co.uk
Mon Jul 15 11:20:05 UTC 2002
OK. So I ssh into the firewall (first time in a week or so) to discover loads
of running processes ./a and a new user in my password file called dave. So
out he goes and shutdown all the processes. Passwd file was locked so I
removed /etc/ptmp and removed the dave entry. (BTW this is an OpenBSD box)
Rebooted the machine. First mistake.
Now my root password doesn't work any more. SO. Do I want to even bother
fixing this machine up or shall I just rescue my pf and nat rules, wipe the
box and start again? Will there be a load of backdoors and other nasties on
there now?
Steve
--
Stephen Harker
steve at pauken.co.uk
"The sooner we fall behind, the longer we have to catch up!"
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list