Mark Weaver wrote:
> yeah... and the one that was possibly part of the problem is now gone.
> I never restored it from backup after the second breach. The perps were
> trying after the second reload, but since that web site wasn't restored
> and running on the web server they weren't able to get in.
now would also be a good time to plumb in remotelogging :D
I recommend rsyslog!
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos at irc.freenode.net