Date: Sat, 14 Jan 2006 10:27:45 -0800 (PST) From: "anchor (sent by Nabble.com)" <lists@nabble.com> To: freebsd-hackers@freebsd.org Subject: Re: My machine been hacked, I need help Message-ID: <2381067.post@talk.nabble.com> In-Reply-To: <2374502.post@talk.nabble.com> References: <2374502.post@talk.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Many thanks to all the replies. I need more time to understand them ;) I have taken off my machine from the internet to protect further damage. It takes me time to research it since I'm not that experienced in the system. The machine was hacked my my former system admin. But I need evidence. He put his machine IP into my rc.firewall file to allow him sudo. That's the only evidence I found. By the way, do sudo also leave logfile somewhere? There is another problem: The hacker also changed something or maybe added a backend process to auto log me out within 1 minute idle. I checked .profile of my account and the root acount. It very hard for to stay a screen and thinking, investigating, etc. -- View this message in context: http://www.nabble.com/My-machine-been-hacked%2C-I-need-help-t915435.html#a2381067 Sent from the freebsd-hackers forum at Nabble.com.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2381067.post>