hacked?

[GhettoFob]

Hi, I noticed that I had two new user accounts created on my Red Hat 9.0 system. In one of their folders, there was something called openssl-too-open and another with something called bindscan. I have since unplugged this computer from the internet. I formatted and installed RH just 4 days ago and it's been up since then. Have any of you heard of this exploit and what should I do to prevent against it? Thanks.

 

[sciencewhiz]

it's an openssl exploit. Google for openssl-too-open.

I found one patch for openssl on redhat 9. https://rhn.redhat.com/errata/RHSA-2003-101.html