Forum OpenACS Q&A: Response to Help! no SSH Telnet Access

Posted by Marc Spitzer on
I have to agree with everyone else: you are screwed, reinstall the box from scratch.  Pull your data off and blow the partitions.  And examine any data files carefully, especially if they have an execute bit set.  Set up sftp instead of ftp on this new box.  Run tripwire and store the database somewhere else, burn a CD.  Then if you ever wonder you have a baseline to check against; this is in addition to keeping a local copy and doing a nightly check.  As far as I know FreeBSD has some neat features security-wise that Linux could use.  2 that come to mind are security levels and the immutable flag for files.  If you get rooted you can prevent yourself from getting rootkitted: the cracker cannot delete or overwrite files that have the immutable bit set with a high enough security level, even as root.