Maco: > i am not worried abt reinstalling ( i loathe doing it ) but > my worry here ( as some of you have accurately pointed out ) > is that the 'issue' will repeat again bcos i just downt know > what happened. I m just surprised that a centos box was compromised. If you are only running software installed from the repos, the best thing to do is to wipe and reinstall the machine from scratch. Make sure it has the latest versions of everything you are using. Like I said earlier, it is going to be very hard to determine exactly how it was hacked. Hopefully, whatever the hacker used has been patched. If it is a new exploit, any CentOS server is vulnerable, not just yours. I assume the hacker would compromise more machines than just yours. The hole will eventually be discovered and fixed. As I said before, nothing is 100% secure. Neil -- Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com Eliminate junk email and reclaim your inbox. Visit http://www.spammilter.com for details.