h4x0r3D

cwest on 2002-01-08T22:31:56

My mail/web/file server got 0wn3d. I discovered it late last night. It was my fault, running a (pretty much) vanilla RedHat 7.0 for a while. I was bummed.

Of course, when you're r00ted you can't trust anything on your system, so I backed up my home directory and my sendmail configuration files and began to install RedHat 7.2 from CD.

I configured iptables and made a very strict firewall, allowing only ssh, smtp and http. I also decided to completely uninstall the telnet server and the ftp daemon.

On top of that, I shut down loads of services that were being started up for nfs and the like.

I turned on tripwire and implemented a backup plan. I think I'm turning into a real sysadmin. Slowly but surely.

It took me all night and part of the day to get this far and the only thing I have left is to restore my web site. I have a placeholder at http://geeknest.com/ that I think symbolises my current feelings about the whole thing.

What I want to know is, what did I do to that guy in Israel to make him want to r00t my box?!