Once, I had a friend who got hacked into, and they hacker installed a root-kit. He also installed a bunch of programs that opened ports that all ended in 666, presumably to slave the computer to a main system later on (like for a distributed DoS attack). The problem? root couldn't delete the files he put on the system. I have no idea how he managed this (I even used chattr and chown to make the files writable by anyone -- at least in theory). In the end, I just fired up debugfs, and deleted the files.
Last updated on 2001-01-06 14:00:00 -0700, by Shalom CraimerBack to Tech Journal