changing root pbuttword with Knoppix 931

I'm baffled. So this is a critical machine in a way (must be or you would be able to simply shut it down) and you have never looked into securing it, yet it is in a DMZ? And then you found an intrusion, and now you decide to temporarily look the other way...

There's an English word for that: STUPID

(That said, I feel for the situation you're probably in, you are only asked-told to do as management wants to, and they care more for extra bucks in the short term.)

I'll refine your calculations, maybe you should reopen the discussion w boss-peoples.

a) shut it down, lose money from customer X (Would the customer really be happy to know he's served stuff from a hacked box? And would it be impossible-so hard to boot a LiveCD of sorts and serve the content from there temporarily?

b) you keep it running. It may or may not go down on you, you may or may not lose money from X, and you may or may not end up with: 1. More compromise-damage on your networks hosts resulting in a much bigger loss of service costing YYYY $ 2. Getting a bad rep for willy-nilly running hacked kit 3. Get involved in much wider trouble, when your box is found out as being a threat to the net, have your ip range blocked at several ends, being blacklisted all over the place so your mail doesn't get anywhere anylonger, being sued for whatever damage results from all above.

This reasoning is similar to: there's a small fire in our office, but we can't evacuate now, because we have a business to run. Let's try to contain it for now by means of errm doing nothing but rebuild the furniture we're gonna loose in the fire and let's hope the fire will not spread.

If any of the above happens, it's your neck. They'll say you had not informed them of the risks, or you're not competent for the job. Even if you get away with it, what will happen the next time something like this happens ? Your case for immediate action won't be helped by it then...

Be smart, don't take part in Russian Roulette. Shut the box down. Now. Call the customer. Say you HAVE to do some critical maintenance, which will disrupt their service for a short period but will ensure quality of service in the long run, which must sound good to any customer. Use the situation as leverage for your arguments to invest in security, allow yourself to take a course, take time to learn etc.

Or, do a raindance, take out your rosary and ask the good lord for guidance.

Good luck, and may smart decisions follow! Sh.