Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hacked

Status
Not open for further replies.
mufka

mufka

ISP
Dec 18, 2000
587
US
One of my Redhat 7.0 boxes appears to have been hacked. Two new ports show up in a scan: 53488 and 12345. I noticed that I can connect to 53488 using ssh1 and 12345 is the Netbus trojan. Is there a client that uses the netbus trojan? How could someone install ssh1?
 
Sort by date Sort by votes
After replacing top, ls and ps, I found the process t0rntd running. Any info on that?


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MrPB
  • Locked
  • Question
Am I being hacked/spied on?
Replies
7
Views
215
kjv1611
kjv1611
Blue407
  • Locked
  • Question
Home network hacked?
Replies
9
Views
195
Noway2
Noway2
ksbigfoot
  • Locked
  • Question
guestbook hacked
Replies
2
Views
49
ksbigfoot
ksbigfoot
jagoan
  • Locked
  • Question
Hacked by Zay
Replies
3
Views
64
smah
smah
akgta
  • Locked
  • Question
Sometime back somebody hacked my yahoo mail account
Replies
2
Views
55
electronicsfreak
electronicsfreak

Part and Inventory Search

Sponsor

Back
Top