Page 1 of 1
How to remove Unreal3.2 from Linux, how did it get here ?
Posted: Thu Dec 29, 2005 5:37 pm
by rhodes2010
1. I cannot figure out what Unreal3.2 is.
2. Don't know what an IRCD is .
3. Someone from halfway around the world hacked into
my production server on Dec 27th at 5pm PST and
installed Unreal3.2 into the system.
4. Can this product allow hackers to exploit my server ?
Any advice would really be appreciated.
Thank you,
Bob
Posted: Thu Dec 29, 2005 6:11 pm
by Dukat
1/2.
Unreal is an advanced IRC Daemon.
http://en.wikipedia.org/wiki/IRCD
3. You know the drill: Reinstall your server...
4. No. Only your ressources are used (i.e. an IRCd is running -> process on your server).
Unreal can't be used to access your server in any other way than via IRC.
Removing Unreal depends on how it was installed.
Most probably you can simply delete the Unreal3.2 directory.
But
you should really install a clean version of your OS!
At least it only took you two days to realize you've been hacked...
http://insight.zdnet.co.uk/communicatio ... 487,00.htm
http://linux.ucla.edu/guides/security.php3
Is there a legitimate use of this product ?
Posted: Fri Dec 30, 2005 5:14 am
by rhodes2010
I am not being in any way disrespectful, but is there a legitimate
use for this product ?
We were able to eradicate the executables, tomorrow we start
on cleansing the kernel. Most of the domains used for access
were closed off.
Posted: Fri Dec 30, 2005 9:55 am
by Dukat
You obviously still don't know what IRC is...
Read:
http://en.wikipedia.org/wiki/Internet_Relay_Chat
Hundreds of thousands of users are using IRC every day in a "legitimate use": to chat.