Someone has hacked into our Red Hat Linux 5.0 server. It looks like
they log in as "nobody". The logs show the root password changed by
uid=99. The following banner appears when logging into the server. I
don't know what the hacker has done. I suspect the 'CREATE_HOME' is
the back door he created. Can someone help?
Red Hat Linux release 5.0 (Hurricane)
Kernel 2.0.32 on an i486
configuration error - unknown item 'CREATE_HOME' (notify