The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can anyone share their RedHat 9 /sbin/init file please?

Discussion in 'General Discussion' started by Kaveyhosting, Jun 24, 2005.

  1. Kaveyhosting

    Kaveyhosting Well-Known Member

    Joined:
    Apr 20, 2005
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    I got a server that got "hacked" and they put in a rootkit. I need a clean /sbin/init file to replace the one they left. If you can copy and paste yours or something that would be great. Thanks in advance.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    /sbin/init is part of the SysVinit rpm which you can get from any RH9 mirror and do an rpm force install.

    That said, if you've suffered a root compromise you should not try to clean it up - your server as it stands can never be trusted again unless you remove the OS disk and send it off to forensic security specialists to clean as there could always be a backdoor lurking around. You should really backup your users data and perform an OS reinstall and then restore, fixing the security whole that you were compromised through. Better yet, upgrade to a supported OS, such as CentOs, since RH9 is now full of local root compromises, since it's been EOL for a year and a half now.
     
  3. Kaveyhosting

    Kaveyhosting Well-Known Member

    Joined:
    Apr 20, 2005
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Thanks for all of the help. Ill give that a shot.

    This is a production server with over 300 accounts on it. I am waiting on a new server to be loaded... I have been up all night working on this server. At the moment I am just trying to clean it up the best I can to minimize or ideally eliminate downtime when I move all the accounts to the new server I am waiting on. The new one is CentOS... I got this box before I started using CentOS.
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    To save you the search, this should work:

    Code:
    rpm -Uvh --force http://ftp.belnet.be/pub/mirror/ftp.redhat.com/pub/redhat/linux/9/en/os/i386/RedHat/RPMS/SysVinit-2.84-13.i386.rpm
     
Loading...

Share This Page