being hacked?
_at_(none)
Date: 02/02/04
- Previous message: Brett Carrington: "Re: A letter for Mr. Darl McBride - personal use"
- In reply to: Jan Minar: "Re: arabic unicode in terminals"
- Next in thread: Adam Aube: "Re: being hacked?"
- Reply: Adam Aube: "Re: being hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 02 Feb 2004 01:34:29 +0100 To: debian-user@lists.debian.org
Hi,
in my sid installation the synaptics logon screen asking for root
password started warning about "could not grab keyboard, malicious
agent". Chkrootkit gave a "bindshell on port 1630" warning.
The warning was only generated when the adsl connection is on.
Can this be somebody('s bot) trying over adsl?
I have a hardware router/switch (sweex) with rather primitive firewall.
Not very clear what it does.
Connection is ptpp/vpn with fixed ip#.
Made a new partition, installed new sid with serious password, installed
bastille, planning to mount the existing partition for /home (reusing
existing /home and perhaps some /etc files). Is this safe?
This is my experimental machine, no real harm.
A different sarge machine chrootkits as "4 hidden processes, possible
LKM trojan", I bastilled this machine too. Google seemed to indicate
this may not be serious, it is a P4 with multiple threading (not enabled
I think). Now I feel less secure.
My woody server (66 MHz) and a sarge (355 MHz) laptop have no chkrootkit
warnings (too slow for a hacker?).
Any other packages recommended for battening down the hatches?
mvg Boudewijn
-- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Brett Carrington: "Re: A letter for Mr. Darl McBride - personal use"
- In reply to: Jan Minar: "Re: arabic unicode in terminals"
- Next in thread: Adam Aube: "Re: being hacked?"
- Reply: Adam Aube: "Re: being hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
