Got Hacked

Support for security such as Firewalls and securing linux
Post Reply
bocah
Posts: 12
Joined: 2019/02/08 03:46:26

Got Hacked

Post by bocah » 2020/06/17 05:00:33

My server centos 7 server got hacked, can I know where the attacker came from? can anyone help me :roll: ?

Tanks
Top
User avatar
jlehtone
Posts: 4531
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Got Hacked

Post by jlehtone » 2020/06/17 07:52:19

The system logs may or may not have got some entries, but the attacker might have erased or modified them.

1. Disconnect system from all networks immediately
2. Power off
3. Boot from USB/PXE into rescue mode to read files in /var/log
4. Completely erase and reinstall fresh
Top
MartinR
Posts: 714
Joined: 2015/05/11 07:53:27
Location: UK

Re: Got Hacked

Post by MartinR » 2020/06/17 08:23:41

If you are in a big organisation your security department may prefer you not to power off, only isolate. Having an untouched system can assist in forensics. They will also prefer you not to boot so that the disks can be examined. If you are on your own though jlehtone's advice is, as usual, spot on.
Top
Post Reply

Return to “CentOS 7 - Security Support”