Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Server has been compromised
Special Forums Cybersecurity Server has been compromised Post 302756727 by Neo on Wednesday 16th of January 2013 12:13:46 PM
Old 01-16-2013
I think it is more important to determine what are your key apps on the server; then back them up if you think they are not compromised and rebuild the VPS server from scratch; and reinstall your app.

You should also make sure your file system is secure based on the apps that are running, and run a cryptographic file system management tool (tripwire or some other version of the same thing) immediately to get a baseline.

What you have failed to mention is the core production app that is running on the server. Is it a web server? A mail server? A database back end?

It is really not possible to help you if you are not specific about what is "core app" and what is "supporting files". The reason is that you need to rebuild your file system from scratch to be perfectly safe. However, there may be some files you need (database, web files) that are not compromised and you can just back them up, reinstall the system (the supporting file system) and then get the main act up and running.

But the exact strategy is based on what is the main core application running on the server.

Is is basically a web server?
 

9 More Discussions You Might Find Interesting

1. IP Networking

in.telnetd[5115] -- compromised?

/* Linux Slackware */ looking in my logs I see tons of entries similar to below. Does anyone know what these mean, and should I be concerned. I looked up a few of the IP's at Arin.net and saw that many of them belong to isp's (not good).. Any information is helpful.. Body of Messages log... (1 Reply)
Discussion started by: LowOrderBit
1 Replies

2. Solaris

NFS write failed for server.....error 11 (RPC: Server can't decode arguments)

Hello! I have a Linux nfs server (called server100 below) with a export nfs. My problem is that the Solaris client (called client100 below) doesn't seems to like it. In the Solaris syslog I got following messages (and after a while the solaris client behave liked its hanged/to buzy). Also see... (3 Replies)
Discussion started by: sap4ever
3 Replies

3. Windows & DOS: Issues & Discussions

Office server => laptop =>client server ...a lengthy and laborious ftp procedure

Hi All, I need your expertise in finding a way to solve my problem.Please excuse if this is not the right forum to ask this question and guide me to the correct forum,if possible. I am a DBA and on a daily basis i have to ftp huge dump files from my company server to my laptop and then... (3 Replies)
Discussion started by: kunwar
3 Replies

4. Shell Programming and Scripting

KSH fetching files from server A onto server B and putting on server C

Dear Friends, Sorry for this basic request. But I just started learning Ksh recently and still I am a newbie in this field. Q: I have files on one server and the date format is 20121001000009_224625.in which has year (yyyy) month (mm) and date (dd). I have these files on server A. The task... (8 Replies)
Discussion started by: BrownBob
8 Replies

5. Shell Programming and Scripting

Connect to server-1 from server-2 and get a file from server-1

I need to connect to a ftp server-1 from linux server-2 and copy/get a file from server-1 which follows a name pattern of FILENAME* (located on the root directory) and copy on a directory on server-2. Later, I have to use this file for ETL loading... For this I tried using as below /usr/bin/ftp... (8 Replies)
Discussion started by: dhruuv369
8 Replies

6. Shell Programming and Scripting

Shell script to copy a file from one server to anther server and execute the binary

Hi , Is there any script to copy a files (weblogic bianary + silent.xml ) from one server (linux) to another servers and then execute the copy file. We want to copy a file on multiple servers and run the installation. Thanks (1 Reply)
Discussion started by: Nawrajesh
1 Replies

7. UNIX for Dummies Questions & Answers

Transfer file from server B to server C and running the script on server A

I have 3 servers A, B, C and server B is having some files in /u01/soa/ directory, these files i want to copy to server C, and i want to run the script from server A. Script(Server A) --> Files at Server B (Source server) --> Copy the files to Server C(Target Server). We dont have RSA key... (4 Replies)
Discussion started by: kiran_j
4 Replies

8. Solaris

Script to get files from remote server to local server through sftp without prompting for password

Hi, I am trying to automate the process of fetching files from remote server to local server through sftp. I have the username and password for the remote solaris server. But I need to give password manually everytime i run the script. Can anyone help me in automating the script such that it... (3 Replies)
Discussion started by: ssk250
3 Replies

9. UNIX for Dummies Questions & Answers

Please help my computer has been compromised

Hi everyone, I hope I am posting in the right spot and I really need some help. I am going through a horrible divorce and I am afraid that my husband has compromised . He set up my mac computer and router and for my job set up remote access for me. I caught him cheating on me and I think he... (6 Replies)
Discussion started by: kk243665
6 Replies

LEARN ABOUT DEBIAN

xr

XR(1)								     Man Page								     XR(1)

NAME

       xr - Crossroads Load Balancer & Fail Over Utility

SYNOPSIS

       xr [--verbose] [--web-interface XRSERVER:PORT] --server tcp:XRSERVER:PORT --backend BACKEND:PORT [--backend BACKEND:PORT] ...

DESCRIPTION

       This manual page briefly documents XR, the Crossroads Load Balancer & Fail Over Utility.

       XR is an open source load balancer and fail over utility for TCP based services. It is a dae mon running in user space, and features exten-
       sive configurability, polling of back ends using wake up calls, status reporting, many algorithms to select the	'right'  back  end  for  a
       reques t (and user-defined algorithms for very special cases), and much more.

       XR is service-independent: it is usable for any TCP service, such as HTTP(S), SSH, SMTP, dat abase connections. In the case of HTTP balanc-
       ing, XR handles multiple host balancing, and can provide session stickiness for back end processes that need sessions, but aren't  session-
       awa re of other back ends.

       XR furthermore features a management web interface and can be run as a stand-alone daemon, or via inetd.

       Execute 'xr -h' to get a complete list of available command-line parameters.

EXAMPLE

       xr --verbose --server tcp:0:80 --backend 10.1.1.1:80 --backend 10.1.1.2:80 --backend 10.1.1. 3:80 --web-interface 0:8001

       This instructs XR to listen to port 80 and to dispatch traffic to the servers 10.1.1.1, 10.1.1.2 and 10.1.1.2, port 80. A web interface for
       the balancer is started on port 8001.

       Direct your browser to the server running XR. You will see the pages served by one of the three back ends. The console where XR is started,
       will show what's going on (due to the presence of --verbose).

       Direct  your  browser  to  the  server running XR, but port 8001. You will see the web interface, which shows the status, and where you can
       alter some settings.

SEE ALSO

       xrctl(1)

AUTHOR

       XR was written by Karel Kubat <karel@kubat.nl>. Web page: http://crossroads.e-tunity.com

       This man page was written by Frederik Dannemare <frederik@dannemare.net>.

Crossroads							    Nov 6, 2008 							     XR(1)
All times are GMT -4. The time now is 04:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy