Sever Breakin

Support for security such as Firewalls and securing linux
Post Reply
PremierHostingCompan
Posts: 3
Joined: 2020/04/02 17:12:09

Sever Breakin

Post by PremierHostingCompan » 2020/04/06 17:35:25

I have a dedicated server Hosted at 1and1 and I found a hacker on it - Found out what he was doing and removed the malware files - closed down sftp server that was how he got in. He started the ftp server and was logged in there.
I am running rkhunter and maldet but it doesn't do anything to him.. I can't find any files etc now but he is getting on and deleting log files and bash

Anyone wants to try and help me it would be appreciated. I will give you access and see if you can get him stopped

User avatar
TrevorH
Forum Moderator
Posts: 29909
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Sever Breakin

Post by TrevorH » 2020/04/06 17:44:38

There is no "recovery" from this. You backup your data and you reinstall the system. You have no idea how many ways they have backdoored your system nor in how many ways they are siphoning off data from the system for later use. You will never be able to trust this system again.
CentOS 6 will die in November 2020 - migrate sooner rather than later!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 7 - Security Support”