Server Hacked
Brian C
brianwc at ocf.berkeley.edu
Fri Aug 19 05:39:13 UTC 2005
My Debian server has been hacked. Every web page I hosted now reads:
"XTech Inc Was Here :D"
XTech Inc we are: Status-x & PABLIN77
uid=0(XTech Inc) gid=0(XTech Inc) groups=0(XTech Inc)
Pablin77: MARY TE AMO!!!!!!
Powered by XTech Inc / PABLIN77
Made in ARGENTINA - pablin_77 at argentina.com
I run Debian-testing and generally stay on top of updates. I do run a
few too many services on that server though. I wonder if my recent
addition of making it a tor server is what brought my humble server to
these jerks attention? I've little experience with recovering from this,
so any advice on what steps to take from here, what log files are
relevant, etc. would be greatly appreciated.
Brian
More information about the tor-talk
mailing list