When a
machine is hijacked as a
- proxy web
server
- proxy image server
- proxy name
server
there is a degree of damage performed
by the hijacker.
This damage has become more severe over time.
Functions removed may include
- chattr
- lsattr
- wget
- passwd
- shutdown
- shadowconfig
- netstat
- lsof
- reboot
This information varies with time. If you are
recovering a hijacked machine, please provide
your experiences here for others to share.
Please comment on whether the information
contained here was sufficient for your purposes,
and suggest any additions.
Comments please