Questions... Administrative Actions...
 |
|
|
|
|
|
|
|
|
|
|
So what had they done.
After detecting the hacker the first time, they activated tcpwrapperss, upgraded sendmail and httpd and cleaned up the mess in /bin/false.
They managed to exclude the hacker for a short period of time but then he was back with a vengence.