PLEASE help! My systems have been compromised!!

Chris Allan callan@oni.blackcat.ca
Sun, 15 Jul 2001 15:20:28 -0700


Pontus,

Hold on a second. Nessus has been known to falsely identify Windows DDoS tools. Check everything out on those boxes before you jump to conclusions.

I strongly suspect that you've got false positives on your Nessus report, as I have many times in the past. Remember, Nessus isn't the end all and be all, it's just one tool.

-Chris


On Sun, Jul 15, 2001 at 11:13:17PM +0200, Pontus Edvardsson wrote:
> My firewall obviously wasn't as good as I thought it was... Probably my own fault, but I want to learn how to make it safer.
> 
> I just installed Nessus on a Debian 2.2r3 box and it almost immediately found two trojans on my w2k box... Distributed attack tools, so I will as soon as possible (meaning as soon as I know how to improve my security) reinstall from scratch, meaning 3 Debian and one w2k machines... :((
> 
> I don't need a sophisticated firewall, just something to keep most people out, and letting me surf the net... ;) As most people I guess...
> 
> I really would appreciate some help on improving the security of my firewall!
> 
> I'll post my script for comments on request.
> 
> Thanks!
> 
> Pontus