[K12OSN] uh oh

Bill Kendrick nbs at sonic.net
Thu Dec 16 08:33:34 UTC 2004


On Thu, Dec 16, 2004 at 10:02:10AM +0530, bimal pandit wrote:
> check using following commands
> 
> 1) w ,who
> 
> 2) last 
> 
> see man pages for more detailed options

I suggest shutting down the box ASAP and booting it back up off of
a live disc (like knoppix, or some rescue disc).  Don't trust the HDD itself,
as the programs (like 'who' and 'last') might have been trojaned
(or, at the least, your personal user account could have been set up with
aliases to those commands) and made to conceal any 'bad guys' on the box.

What kinds of services is your box running?  Is it directly connected to the
internet (e.g., via dialup modem, or broadband modem w/o a firewall)?
How up-to-date is the software running on it?

Good luck!

-bill!
bill at newbreedsoftware.com                               Have I been helpful?
http://newbreedsoftware.com/    http://svcs.affero.net/rm.php?r=billkendrick
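
The check suggested above, as an added example that is not part of the original post: run from the live disc, it reads the login records with the live disc's own `last` and lists startup-file aliases or functions that shadow `w`, `who` or `last`. The mount point `/mnt/suspect`, the function names and the list of bash-style startup files are assumptions.

```shell
#!/bin/sh
# Added example. Run from the live disc with the suspect disk mounted
# read-only, e.g. at /mnt/suspect (assumed mount point).

# Read the suspect disk's login history using the live disc's 'last' binary,
# not the copy stored on the possibly tampered disk.
show_logins() {
    root=$1
    last -f "$root/var/log/wtmp"
}

# Print file:line:text for every alias or shell function that shadows
# w, who or last in the startup files under the mounted root $1.
find_shadowed_cmds() {
    root=$1
    names='(w|who|last)'
    pat="^[[:space:]]*(alias[[:space:]]+(.*[[:space:]])?${names}="
    pat="${pat}|(function[[:space:]]+)?${names}[[:space:]]*\(\)"
    pat="${pat}|function[[:space:]]+${names}([[:space:]]|\{|\$))"
    for f in "$root"/etc/profile "$root"/etc/bash.bashrc \
             "$root"/etc/profile.d/*.sh \
             "$root"/root/.bashrc "$root"/root/.bash_profile \
             "$root"/root/.profile \
             "$root"/home/*/.bashrc "$root"/home/*/.bash_profile \
             "$root"/home/*/.profile "$root"/home/*/.bash_aliases; do
        [ -f "$f" ] || continue
        # No match is not an error here, so ignore grep's exit status.
        grep -nHE "$pat" "$f" || true
    done
    return 0
}

# Typical use from the live environment:
#   show_logins /mnt/suspect
#   find_shadowed_cmds /mnt/suspect
```

Any line it prints is a definition to read by hand; an empty result only covers the files listed in the loop.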
