hacked server

  1. W

    Solved How detect the source of change time in specific file?

    Looking in my tripwire logs I got: Modified: "/etc/ssl/private" "/etc/ssl/private/server.key" And: Modified object name: /etc/ssl/private/server.key Property: Expected Observed ------------- -----------...
  2. S

    System Compromised!

    Hi, A user systemd was created with root privileged on FreeBSD, once we started digging more into this we found the .bash_history file under his home directory which he created in /lib/.systemd, his history explained that he downloaded some log tamper script in order to hide his appearance but...
  3. quamenzullo

    Hacked server (question about sendmail configuration)

    Hello everyone, I have a server with FreeBSD 10.1 that has been hacked recently. My guess is the attacker "entered" the server using a weakness of the old cms I was using for one website. (This is my fault, I have waited too long and didn't change the cms despite the absence of updates since...