CONFIRMATION!

I installed a 6.2, with partial upgrading to 7.0 (that is that way I did it back then... you know). This was just after 7.0 came out. They switched to using XINETD. I love xinetd. iIt adds another layer for them to have to get by.

I had it "almost" config'd. Should have downed it for the night.

4 hours after I left the machine was compromised.

When I got in, I was told the internet was down....

Err. no. Without even checking anything I unplugged the machine. Everything went back to normal.

Of course, now I was in DEEEP. I could not re-format as there was some data that was not backed up. I ended up doing a private vlan for it and another machine... transferred everything off.

It was a half-life download server, I disccovered that it was the apache install that allowed the compromise. Oh well. Live and learn

BTW, IPTABLES was no where anything redhat, until 7.2. And RedHat still used ipchains by default anyway.

If it were me... Debian Woody and fwbuilder. small, easy to manage, works.

Welcome to IWETHEY!