Re: [cobalt-security] BIG mistake = Big problem = need help pls!

["Steve Werby" <steve-lists@xxxxxxxxxxxx>]

"Mez" <mez@xxxxxxx> wrote:
> The people who host the server, cobaltrack, say there is nothing they can
do
> except reload the OS - which is out of the questions as nothing is backup
on
> the server.

If someone has physical access there are other options.  They should be able
to connect to the serial port and correct the problem.  It's always also
possible to pull the drive, mount it in another machine and correct the
problem.

> The only access I have to the server now is via the web based interface,
> which i hardly ever used. Anyways I was thinking the old way around this
> would be to make a PKG file that I could load from the web based interface
> which would replace my hosts.allow and hosts.deny with CLEAN copies of
them,
> only prob is I have no idea how to make a PKG file to do this.
>
> If anyone could guide me in the right steps, some hits on where to look on
> the net etc about writing PKG files i would be most greatfull

There are PDF files available at developer.cobalt.com which explain how to
build a PKG.  All PKGs require an RPM file so if you know how to build one
you can build an RPM that generates good versions of /etc/hosts.allow and
/etc/hosts.deny.  Or if you don't know how to build an RPM you can just
create a shell script that copies good versions of these files to the right
location and follow the instructions in the PDF for generating a null RPM
(essentially a blank RPM that does nothing) since the PKG file requires at
least one RPM, null or otherwise.  Hopefully you can get the colo to assist
or build the PKG file yourself, but if you don't have the time or aren't
comfortable handling this feel free to contact me off-list if you need
someone to do this professionally for you as I can help.  I'll be in the
office Saturday morning.  The phone # is on my site.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/