Date: Thu, 9 Aug 2001 10:42:45 +0200 (CEST) From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de> To: bsd2000au@yahoo.com.au, crimsun@email.unc.edu Cc: freebsd-questions@freebsd.org Subject: Re: Yep-I been hacked! Whats psyBNC? Someone installed it Message-ID: <20010809084245.72214.qmail@web13306.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi Dan > --- "Daniel T. Chen" <crimsun@email.unc.edu> wrote: > > Sounds like a bnc used for irc, meaning that someone > > connects to your > > computer via the bnc app and uses your hostmask to > > connect to an irc > > server. > Yep that's it...but I don't have an IRC server > installed ? How are they compromising me by doing > this? > Whats a BNC app? > Thanks for your help > Keith Hi Keith, what a BNC app is? A bouncer. What is done by the bouncer: User connect to the "BNC" app at your computer at whatever port above 1024 he/she choose. The program makes a connection to different IRC servers (or is connected all the time). The bouncer is sending all what it gets from IRC back to the user connected from an external host. To the log: someone (your user?) tried to download the bouncer from an page which have it. Then tried to make (or: BUILD/compile) the application. Then moved the application to a directory called log, renamed the application from psyBNC to log and the config file also. Then he/she started the bouncer looked, it was running and logged of. Possibly you don't want your users anymore to: - use a c compiler on your machine - letting them connect to whatever they want Try: - Change rights on the c compiler - Install at least some packet filters Hope that helps Marc __________________________________________________________________ Do You Yahoo!? Gesendet von Yahoo! Mail - http://mail.yahoo.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010809084245.72214.qmail>