Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Our system was hacked
Special Forums Cybersecurity Our system was hacked Post 303037142 by jgt on Wednesday 24th of July 2019 05:19:52 PM
Old 07-24-2019
Our system was hacked
Someone made a mistake, and left our router wide open, pointing all ports to a SCO 6.0.0 system.
Within 24 hours, the following happened.
The contents of all the files (except tar files) in three directories, one directory on each of three different file systems, were replaced with nulls. None of the inode data was changed, meaning that the output of 'ls -l' was the same before and after. In two of the directories the file permissions were 0664, and in the last, the permissions were 0644 and files owned by root.
I have not been able to find anything in any of the log files to indicate who or when this happened.
Since we had adequate backups there was no long term damage.
Any thoughts would be appreciated.
This User Gave Thanks to jgt For This Post:
RavinderSingh13
 

3 More Discussions You Might Find Interesting

1. Linux

pc hacked

Hi, i think someone has hacked my server, the following rules used to come which i haven't put. Please help me i couldnt find out how this rules are apply, i think someone has put an script which generates enables the rules. But after restarting the iptables everything seems to be working... (0 Replies)
Discussion started by: naik_mit
0 Replies

2. Cybersecurity

How to know when you've been hacked

One of the most important ways to keep tou machine secure is to know when it has been broken into. The less time hackers have on your system, the less they can do to it, and the greater you chancens of kicking them off and repairing the damage. The more sophisticated the hacker, the less likely... (8 Replies)
Discussion started by: binhnx2000
8 Replies

3. Cybersecurity

Server hacked on known port

Hi, There is a recent case whereby it was reported that one of the production servers was hacked on port 1521. However, I am not sure how this was possible, as I checked that the OS firewall (iptables) is on : # /etc/init.d/iptables status Table: nat Chain PREROUTING (policy ACCEPT) num ... (7 Replies)
Discussion started by: anaigini45
7 Replies

LEARN ABOUT OPENSOLARIS

check-permissions

check-permissions(1M)					  System Administration Commands				     check-permissions(1M)

NAME

       check-permissions - check permissions on mail rerouting files

SYNOPSIS

       /usr/sbin/check-permissions [login]

DESCRIPTION

       The   check-permissions script is intended as a migration aid for sendmail(1M). It checks the /etc/mail/sendmail.cf file for all configured
       alias files, and checks the alias files for :include: files. It also checks for certain .forward files. For each file  that   check-permis-
       sions checks, it verifies that none of the parent directories are group- or world-writable. If any directories are overly permissive, it is
       reported. Otherwise it reports that no unsafe directories were found.

       As to which .forward files are checked, it depends on the arguments included on the command line. If no	argument  is  given,  the  current
       user's home directory is checked for the presence of a  .forward file. If any arguments are given, they are assumed to be valid logins, and
       the home directory of each one is checked.

       If the special argument ALL is given,  the passwd entry in the  /etc/nsswitch.conf file is checked, and all password entries  that  can	be
       obtained through the switch file are checked. In large domains, this can be time-consuming.

OPERANDS

       The following operands are supported:

       login	Where login is a valid user name, checks the home directory for  login.

       ALL	Checks the home directory of  all users.

FILES

       /etc/mail/sendmail.cf	Defines environment for  sendmail

       /etc/mail/aliases	Ascii mail aliases file

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsndmu 		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       getent(1M), sendmail(1M), aliases(4), attributes(5)

SunOS 5.11							    10 Nov 2003 					     check-permissions(1M)
All times are GMT -4. The time now is 06:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy