Hi all, It appears as if 2 servers we have were compromised. Does anyone know of someone or a business we can get to examine our servers and tell us what to do? Our hosting company is not the easiest to deal with and I'm having trouble getting anything beyond level 1 support from them. Thank you in advance, Michael
What gives you evidence they were compromised? To what extent was security breached? Was just a website defaced, did they get user, or root access? Do you know how they got in? You may want to audit all of your running services and check if there are known exploits. Unfortunately your best option may be to backup your data, format disks, and reinstall the OS. It can be hard to tell if a back door was installed. .. karl Michael Zarozinski wrote:
Hi all,
It appears as if 2 servers we have were compromised. Does anyone know of someone or a business we can get to examine our servers and tell us what to do? Our hosting company is not the easiest to deal with and I'm having trouble getting anything beyond level 1 support from them.
Thank you in advance,
Michael _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
participants (2)
-
Karl Hiramoto
-
Michael Zarozinski