Date: Sun, 23 Sep 2001 10:04:49 -0400 From: "Doug Reynolds" <mav@wastegate.net> To: "Rob" <europax@home.com>, "ybbor@freedom.net" <ybbor@freedom.net> Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: Freebsd being hacked Message-ID: <20010923140721.5EEC737B426@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
On Fri, 21 Sep 2001 09:12:28 -0700, Rob wrote: >> Today i try to log in to my computer and i can't telnet in to it. So >> i went to the box, and i can't log in to it. on the screen it says >> there was an 'su pop to toor'. and that the kernel log was full. it >> looks like i was hacked, so i unpluged the comptuer from the network >> and now i don't know what to do. >> >> how do i log in to a comptuer if someone changed the root password and >> disabled every other account? >I'd reinstall the OS from an ISO disk. Others with more experience in >this might have a better solution. you could drop into single user mode and just use passwd (i believe) if you want to get some working logs. but I would definatly fdisk/format/reinstall the whole OS. sounds like you got hit by the telnet hack. --- doug reynolds | the maverick | mav@wastegate.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010923140721.5EEC737B426>