was i hacked

Uday pluglist at plug.org
Fri May 2 23:15:15 MDT 2003


I had a system crash recently which put me in all sorts of problems on
my RH7.1 box running sendmail and httpd.  Now it is restored, but not to
the original, and I need some help.

What happened exactly was like this: on the 1st of May, when I connected to
the box through SSH from my home, it gave me the bash prompt instead of my usual
hostname prompt.  Second, there were no files in /var/log.  Next I rebooted the
comp and even my sshd on the server did not start, and I had to rush to the
location physically.

On the comp also I could not get the usual prompt.  Eventually I found out
that the .bash_profile, .bashrc and .bash_logout for root were missing, and
none of /var/log was there.  ALL DELETED!!

The points I do not know are:
1. WAS I HACKED? IF YES, HOW DO I KNOW WHICH WAY THE HACKER GOT IN?
2. After restoring, sendmail does not write logs to /var/log/maillog
(though it is functioning), and similarly many log files (boot.log, cron,
messages, secure, spooler) are 0 bytes.  The system is not writing logs to
these files.  HOW? WHY?
3. Before restoring, the /etc/rc files had all broken links, because at that
time echo $PATH used to give me nothing.  No path was defined.  Now I've put in
a fresh rc.sysinit, but all the other rc files are still marked red (they are
not blinking), so IS THE LINK RESTORED OR NOT?  And how do I remove the red
marked link files and restore all the linked files to normal??

Thanx
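The three questions above (dangling rc links, zero-byte logs, missing root dotfiles) can all be checked mechanically. The script below is an added triage helper written for this thread; it is not code from the original message or from Red Hat. It assumes the RH7.1 layout the poster describes (/etc/rc.d, /var/log, /etc/syslog.conf, /root) and takes every path as an argument so the checks can be run against a mounted copy of the disk rather than the live, possibly compromised, system.

```shell
#!/bin/sh
# Added triage helper for the symptoms described in the post; this is not code
# from the original message. Every path is passed as an argument so the checks
# can be run against a mounted copy of the disk rather than the live system.

# Print symlinks under DIR whose target no longer exists (the entries that
# "ls --color" shows in red). Portable form of GNU "find -xtype l".
find_broken_links() {
    find "$1" -type l ! -exec test -e {} \; -print
}

# Print regular files directly under LOGDIR that are zero bytes: logs that
# exist but that nothing has written to since the restore.
find_empty_logs() {
    for f in "$1"/*; do
        [ -f "$f" ] && [ ! -s "$f" ] && printf '%s\n' "$f"
    done
    return 0
}

# Print every file path that SYSLOG_CONF sends messages to. syslog.conf lines
# look like "facility.priority<TAB>/path"; an optional leading "-" on the path
# means "do not fsync after each write" and is stripped here. Comment lines
# (first field starting with "#") are skipped.
syslog_targets() {
    awk '$1 !~ /^#/ && NF >= 2 { t = $2; sub(/^-/, "", t); if (t ~ /^\//) print t }' "$1"
}

# Print which of the standard bash start-up files are absent from HOMEDIR.
missing_dotfiles() {
    for f in .bash_profile .bashrc .bash_logout; do
        [ -e "$1/$f" ] || printf '%s\n' "$f"
    done
}

# Run all four checks against ROOT (empty string means the live "/") and
# print a report. Compare the syslog targets with the empty-file list: a
# file that syslog.conf names but that stays at 0 bytes is a log that the
# daemon is not writing.
triage_report() {
    root=${1:-}
    echo "== dangling symlinks under ${root}/etc/rc.d =="
    find_broken_links "${root}/etc/rc.d"
    echo "== zero-byte files in ${root}/var/log =="
    find_empty_logs "${root}/var/log"
    echo "== log files named in ${root}/etc/syslog.conf =="
    syslog_targets "${root}/etc/syslog.conf"
    echo "== root dotfiles missing from ${root}/root =="
    missing_dotfiles "${root}/root"
}

# Usage: sh triage.sh [/path/to/mounted/root]
# The guard only runs the report when the file is executed under this name,
# so sourcing it (for example from a test) just defines the functions.
case "$0" in
    *triage.sh) triage_report "$1" ;;
esac
```

Two caveats from a responder's point of view. Zero-byte logs after a restore are most often the sign that syslogd is either not running or still holds file descriptors to the deleted inodes, so new files never receive writes until the daemon is restarted; rerunning the report after restarting syslogd tells you which case you are in. More importantly, a wiped /var/log and missing root dotfiles are themselves the evidence: the record that would show how the box was entered is gone, so the safe course is to treat it as compromised, keep a disk image for analysis, and rebuild from trusted media rather than repairing the rc links in place.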
