Re: tlug: The aftermath of having one's server hacked.

[Chris Sekiya <chris@example.com>]

On Wed, 27 Jan 1999, Dave Gutteridge wrote:

> 1. Change my root password. This makes it difficult to do any repairs. If
> anyone has a suggestion as to how i might reclaim superuser status, please
> inform me.

Booting from LILO?

LILO: linux init=/bin/bash

# mount -n -o remount /
# passwd root

... should take care of it.

> If someone can tell me how I might turn these addresses around into
> some e-mail addresses so i can inform them that someone at thier site
> has been abusing their system, then that would also be greatly
> appreciated.

$ whois wsu.edu
(snip)
   Administrative Contact:
      Cannon, Lynn  (LC127)  cannon@example.com
      (509) 335-0411
   Technical Contact, Zone Contact:
      Wegner, Rick  (RW211)  rick@example.com
      (509) 335-0464

(replace wsu.edu with the domain name and/or IP base of the target domain)

-- Chris

-------------------------------------------------------------------
Next Technical Meeting: February 13 (Sat), 12:30 place: Temple Univ.
** presentation: XEmacs, by Steven Baur and Martin Buchholz
Next Nomikai: March 19 (Fri), 19:30   Tengu TokyoEkiMae 03-3275-3691
-------------------------------------------------------------------
more info: http://tlug.linux.or.jp                     Sponsor: PHT