On Sunday 05 February 2006 10:10 am, Chris Mauritz wrote:
Where practical, I also agree with this statement. That really is the only way to be sure. Though you also have to sit down and consider how the naughty people compromised your machine in the first place and make sure that vulnerability is fixed on the fresh install....or you'll just be doing this again in a few days.
In the case that you can not figure it out, here are some very easy to use tools to help lock down your system:
http://www.bastille-linux.org/ Bastille will walk you through the basic steps of locking down your system.
http://www.fs-security.com/ If you aren't real firewall or iptables savvy, firestarter make is easy to set up a very secure firewall.
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-tcpwrappe... TCP Wrappers can be used in conjunction with firewall rules.
http://freshmeat.net/projects/chkrootkit/ chkrootkit will check for signs of a rootkit.