Fresh, Hot Wastes of Time

I got the new linux box up and running and answering like it’s supposed to, and the coders got the mud moved over and working great.

Three days later I see we’ve been hacked again.

I have a sneaking suspicion that someone ran the binary from the old box, which was hacked. I don’t know if anyone will admit to it, but it’s my theory. I found out that we had one of the exceedingly rare linux viruses, a remote shell trojan. Then I had to go through the hassle of convincing linux people that yes, linux does have viruses, and the freaking reason why nobody talks about them is because of the hubris of the linux community who all says that linux can’t get viruses. Nobody ended up believing me, and implied that I did something wrong setting up the box. No matter of giving them links to the few summaries of RST.b would help, even though we had the classic symptoms (appearance of /dev/hdx1 and /dev/hdx2, a few binaries containing URLs to ping, etc.). So the virus gave someone root access, and then they ran a few scripts to do other shit to the machine (I really doubt that the actual clean binary /sbin/atd has “welcome bitch.” written in there, I really really do). Some penile AOL user had an IRC bot going. The list goes on and on.

So now the machine’s been wiped out and reinstalled, again. There was no real way to clean up the damage, and what’s more, the damned thing wouldn’t boot because of all the shit done to it. Hub did the installation this time. Now if something goes wrong everyone will shake their fingers at him. We’ve also got a hardware firewall which will hopefully help matters. If not, we’re saying fuggit to the box and someone else will have to host the mud.

Posted General |