Date: Sun, 20 Oct 2002 12:59:09 -0500
From: Bryan Cassidy
To: freebsd-questions
Subject: Security! Please help newbie
Message-Id: <20021020125909.1acd7e7c.bryanc2000@insightbb.com>

Here's the deal. Two days ago I was hacked. I know this for a fact. The guy was using my IP address in a Counter Strike game, a friend of mine told me. He said he made sure he had the IP address of the person. I went online on IRC and when I got there he told me about what happened. The guy tried a DoS attack on my friend. I was also banned from a couple IRC Channels (I can get back in now). I couldn't connect 2 days ago for NOTHING. He was completely using all my bandwidth. We are in the process of finding out who this guy was to prosecute. I don't know what he used my IP address for and I don't think this is a game. I reinstalled FreeBSD yesterday sometime. We went through a couple security setups. I don't know anything about security.

I will explain what I did. I added the following into my kernel config:

    # Firewall
    options IPFIREWALL
    options IPFIREWALL_VERBOSE
    options IPFIREWALL_VERBOSE_LIMIT=10

I also added the following to my /etc/rc.conf file:

    firewall_enable="YES"
    firewall_quiet="YES"
    firewall_script="/etc/rc.firewall"
    firewall_type="/etc/ipfw.acl"

I then added the following to /etc/ipfw.acl:

    add 1000 allow ip from any to any

I have a few days off so I am going to be using these days for setting up security and learning security. If someone out there would please help me out with making sure my box is locked down tight I would really appreciate it. I find it very childish and even scary knowing someone has used my computer and not knowing everything he used it for. Thank You and I hope to get some replies real quick to resolve this matter as soon as possible.

--------------------------------------------------------------------------
E-Mail: Bryan Cassidy
GAIM: bsdsys
Yahoo Messenger: bsdsys

I have put a lot of time in setting up my mail filters. Please do not simply Reply-To: unless said so. Please Reply-To the appropriate mailing list. This is very annoying for me.
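
Added example, not part of the original message: a stateful replacement for the single allow-all rule in /etc/ipfw.acl above, which passes every packet and so leaves the firewall filtering nothing. It assumes a single-homed workstation that offers no services to the network; the rule numbers and the ICMP types permitted are choices made for this example.

```conf
# /etc/ipfw.acl (constructed example; loaded through firewall_type as in the post)
# Assumption: a workstation that only makes outbound connections and runs no servers.

# Loopback traffic is allowed; packets claiming a loopback address on any
# other interface are spoofed and dropped.
add 100 allow ip from any to any via lo0
add 200 deny ip from any to 127.0.0.0/8
add 300 deny ip from 127.0.0.0/8 to any

# Match packets against the dynamic rules created by keep-state below,
# so replies to connections this host opened are let back in.
add 1000 check-state

# Connections this host starts: TCP on the initial SYN, UDP per flow.
add 1100 allow tcp from me to any setup keep-state
add 1200 allow udp from me to any keep-state

# Outbound ping, plus the inbound ICMP needed for replies and error
# reporting (0 = echo reply, 3 = unreachable, 11 = time exceeded).
add 1300 allow icmp from me to any icmptypes 8
add 1400 allow icmp from any to me icmptypes 0,3,11

# Everything else, including unsolicited inbound connections, is dropped.
# "log" relies on IPFIREWALL_VERBOSE from the kernel config in the post;
# IPFIREWALL_VERBOSE_LIMIT=10 stops logging after 10 entries for this rule.
add 65000 deny log ip from any to any
```

After the rules are loaded, `ipfw show` lists each rule with its packet and byte counters, so the count on rule 65000 shows how much traffic is being dropped.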