Blue Forest http://www.lslnet.com at 3:18 p.m. on August 18, 2006
RH Linux Server has a backdoor attack, help bath
I have here a Linux RH AS 2.1 Server. Most recently, because a guy carelessly and stupidly made a new account (account passwords are test), who was posted around the world, NND, Khan ah...
I found this situation a week after the incident.
Now machines will be held for a few months, most of my relations, but I also found that many system commands on the machine have been replaced, such as /bin/login, /bin/ps and so on. I cannot delete these files, let alone replace them; the message is: Operation not permitted
Which players and goodhearted people, help Manga.
I found that a lot of the following files have been replaced. The attributes look normal, but the 1s command has been replaced, eh
-rwxr-xr-x 1 root root 32756 Mar 21 19:04 /bin/ps
/dev
/dev/log
/dev/ttyop
/dev/ttyoa
/dev/ttyof
/dev/ttyos
/proc/kmsg
find: /proc/7158/fd/4: No such file or directory
/var/log/sa/sa21
/var/log/sa/sar20
/var/log/samba/server03.log
/var/log/xferlog
/var/lock/subsys/atd
/var/lock/subsys/xinetd
/var/lock/subsys/syslog
/var/run/crontab.pid
/var/run/xinetd.pid
/var/run/syslogd.pid
/var/run/klogd.pid
/var/spool/cron
/var/spool/cron/operator
/var/tmp/local/debian
/tmp/ps
/tmp/ps
/etc/bashrc
/etc/rc.d/init.d/atd
/etc/rc.d/init.d/syslog
/etc/rc.d/init.d/functions
/etc/rc.d/init.d/xinetd
/etc/rc.d/init.d/sshd
/etc/logrotate.d
/etc/ssh/ssh_host_key
/etc/psdevtab
/etc/sshd_config
/etc/ssh_host_key
/usr
/usr/bin/dir
/usr/bin/du
/usr/bin/vdir
/usr/bin/find
/usr/bin/top
/usr/bin/killall
/usr/bin/chsh
/usr/bin/clean
/usr/bin/wp
/usr/bin/shad
/usr/bin/vadim
/usr/bin/imp
/usr/bin/slice
/usr/bin/sl2
/usr/sbin/atd
/usr/sbin/in.wuftpd
/usr/sbin/wu.ftpd
/usr/include/rpcsvc
/usr/local/games
/usr/local/games/identd
/usr/local/games/banner
/usr/local/sbin
/usr/local/sbin/sshd
/usr/doc
/usr/doc/wu-ftpd-2.6.0
/usr/doc/wu-ftpd-2.6.0/HOWTO
/usr/doc/wu-ftpd-2.6.0/examples
/usr/man
/usr/man/man1
/usr/man/man5
/usr/man/man8
/bin/netstat
/bin/ls
/bin/ps
/bin/login
/bin/shad
/root/ins/netstat
/sbin/ifconfig
/sbin/syslogd

Debugfs

The same account and password?
Why do I set up in such a system that does not work?

Is ah, you Taichun system, the password is not set up too fragile

You too simple password system is suggested, but there is no mandatory provision allowed ah, ah perhaps it could be improved.

Heavy-bar

Backup data and user recommendations and then re-install the configuration file

40 GB, too
Upgrade not?

40G big? I spent 400 cassettes to users of Data

I copied a few of the replaced files to Windows, and the scanner reported that the files were infected with the Linux/RST.B virus. From looking into it on the Internet I found the following method; can it be understood that this "sweep" is a scan command?
*Removing Infected executable files in Unix
Check the virus analysis for details on the virus and its removal.
Run a scan to locate all the infected executables and make a note of them.
Use -remove option with the SWEEP
sweep -remove
Run a scan to check that all infected files were deleted. Replace them with 'clean' versions from the original installation media or a clean computer.

Backup data quickly and reloading.

The only heavy equipment.