[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] uh oh



On Thu, Dec 16, 2004 at 10:02:10AM +0530, bimal pandit wrote:
> check using following commands
> 
> 1) w ,who
> 
> 2) last 
> 
> see man pages for more detailed options

I suggest shutting down the box ASAP and booting it back up off of
a live disc (like knoppix, or some rescue disc).  Don't trust the HDD itself,
as the programs (like 'who' and 'last') might have been trojaned
(or, at the least, your personal user account could have been set up with
aliases to those commands) and made to conceil any 'bad guys' on the box.

What kinds of services is your box running?  Is it directly connected to the
internet (e.g., via dialup modem, or broadband modem w/o a firewall)?
How up-to-date is the software running on it?

Good luck!

-bill!
bill newbreedsoftware com                               Have I been helpful?
http://newbreedsoftware.com/    http://svcs.affero.net/rm.php?r=billkendrick


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]