Re: possibly hacked? Need some ideas please!

From: Kevin Handy (kth_at_srv.net)
Date: 02/15/04


Date: Sat, 14 Feb 2004 16:27:10 -0700

Andy wrote:
> I have a remote Linux box doing file/email/web serving for
> a small office behind a hardware firewall. All of a sudden
> none of the services are responding including SSH.
>
> Ports 21, 22, 25, 80, 110, 143, 443, and 993 are open on the
> firewall pointing to the Linux box.
>
> We are using the latest ProFTPD with NO anonymous access allowed.
>
> I have VNC to a desktop inside the LAN and I can ping the
> Linux box at 192.168.1.100. It responds to ping!
>
> But all the other services are NOT responding.

xinetd (inetd) may have crashed. I have seen it crash
frequently on a RedHat 7.1 system.

try '/etc/init.d/xinetd restart' and see if everything works again.

> I thought maybe the power went out and it is sitting waiting
> for filesystem check. If that was the case, it would not
> reply to ping right? Because the networking is not started right?
>
> I am lost and hope the box is not hacked...
>
> And ideas?
>
>



Relevant Pages

  • Re: possibly hacked? Need some ideas please!
    ... > a small office behind a hardware firewall. ... > none of the services are responding including SSH. ... > firewall pointing to the Linux box. ... It responds to ping! ...
    (alt.os.linux)
  • Re: possibly hacked? Need some ideas please!
    ... ]> a small office behind a hardware firewall. ... ]> none of the services are responding including SSH. ... ]> firewall pointing to the Linux box. ... It responds to ping! ...
    (alt.os.linux)
  • Re: possibly hacked? Need some ideas please!
    ... >> a small office behind a hardware firewall. ... >> none of the services are responding including SSH. ... It responds to ping! ... >> I thought maybe the power went out and it is sitting waiting ...
    (alt.os.linux)
  • Re: possibly hacked? Need some ideas please!
    ... > a small office behind a hardware firewall. ... It responds to ping! ... Hopefully this is tunneled through ssh. ... I have seen systems responding to pings in the ...
    (alt.os.linux)
  • Re: possibly hacked? Need some ideas please!
    ... >>a small office behind a hardware firewall. ... >>none of the services are responding including SSH. ... > state that it responded to ping but nothing else worked. ... There are network cards with it's own BIOS, those will respond on pings as ...
    (alt.os.linux)