Re: Have I been hacked?
> If you want to inspect further, I would suggest you look at each of the
> jobs being run. See if they are what you expect them to be. Also check
> your /etc/crontab and /etc/anacrontab to see what is in them.
I would love to investigate further but I am afraid I am not inclined towards
forensics ... lol ... I am an Aircraft Engineer by trade not a Computer
Scientist ... :) ... I played around with sleuthkit but that confused the living
hell out of me ... lol ... I don't even know what to look for ... The server I
have is a small community/family server that gives wireless access to poor
families ...
>
> As for the attacks - I've seen a big uptake in the attacks over the last
> couple of weeks. The worst I've seen is > 100 IP's locked out in one 24
> hour period. They are coming from all over the world, although since
> there are a lot of proxies (many of them from trojans/viruses installed
> on unsuspecting machines), there's no easy way to tell what the real
> origins are.
It's astonishing how quick they can find an IP ...
> I have permanently blocked the IP ranges of some of the worst offenders,
> but the only real way to stop it is to take your machine off the
> internet completely.
>
> Just ensure you're using good security practices - don't allow root
> login, use long, random passwords, etc. I also use a random character
> strings for the login ids, as well as passwords - just one more thing
> for the hackers to have to figure out how to get around.
That's the problem right there ... random passwords ... lol ... but I will have
to adapt ...
Thank You
Reply to: