Date: Mon, 18 Dec 2000 13:49:23 -0500 From: mikel <mikel@ocsinternet.com> To: "Zaitsau, Andrei" <AZaitsau@panasonicfa.com> Cc: net@FreeBSD.ORG Subject: Re: Hacked computer Message-ID: <3A3E5C33.793B5684@ocsinternet.com> References: <054F7DAA9E54D311AD090008C74CE9BD01F1E7CB@exchange.panasonicfa.com>
next in thread | previous in thread | raw e-mail | index | archive | help
If you've been rooted, then the logs are probably no good. But check you wtmp for logons, and messages, and well if you don't see anything unusual there then the've prabaly been wiped. Have regained root yet? personally I would pull the box off net and backup theimportant config stuff, then blast it....but hey I tend to be a bit of an extremist in these cases... Cheers, mikel "Zaitsau, Andrei" wrote: > Hello everyone, > I have a problem, in the morning someone hacked into my computer at home. It > is ADSL Gateway running FreeBSD 3.4 , root password is changed by hacker. > Can anyone tell where on the system I can find some tracks of a hacker? > What should I check first? > Which log files? > Anyone? Please? > Thanks. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A3E5C33.793B5684>