Was I hacked? How do I know? =(

Status
Not open for further replies.

linuxtricks

IS-IT--Management
May 24, 2000
111
US
How do I know if my Linux box was hacked? What can a newbie do to proactively monitor his network for break-ins? Specifically, what files do I look at... and what do I look for?

Thank you in advance for any help you can supply!

try not!
do... or do not. there is no try!
 
Check out the linux_security-how-to, go to install COPS and run it, it will show you system vulnerabilities. Use TCP_Wrappers, use TripWire, there's lots of stuff you can do. Check out the downloads at Freshmeat.net or linuxberg.com.

Jon Zimmer
b0rg@pcgeek.net
Aetea Information Technology
The software required `Windows 95 or better', so I installed Linux.
 
Well, one thing you can do is monitor all TCP/IP traffic that comes in and out of your system. This will tell you who is connecting to your machine and when, how and where. Also see if you can shut down most ftp, telnet services and web services until you learn more about protecting those protocols. You can shut them down and still be able to access the internet, etc. I do not know commands because I have never used Linux. Also, there are levels of hacking: do you think someone stole or cracked the passwords on your computer? If you have a specific event that you can remember, it would help to clarify it. Good luck.

moses
tmoses@iname.com
my site
"In the beginning there was HTML, and it was good"
by Nick Heinle, Designing with JavaScript
 
If you look at the /etc/inetd.conf file and the /etc/services file you will see entries pertaining to the services (ftp, telnet, finger, etc.) that tmoses was talking about. You can shut most of these down and it won't affect how you access the net. As I said previously though, get COPS, the readme tells you what the services are and how safe it is to turn things off. It also reports system security vulnerabilities.

Jon Zimmer
b0rg@pcgeek.net
Aetea Information Technology
The software required `Windows 95 or better', so I installed Linux.
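Added example, not part of the original posts: a small audit of an inetd.conf in the classic layout that lists which services inetd would start, marks the ones not launched through TCP Wrappers (tcpd), and comments out the ftp, telnet and finger entries mentioned above. The sample file contents, the `DISABLE` set and the function names are assumptions made for illustration.

```python
# Added example: audit an inetd.conf and comment out unwanted services.
# Classic line layout: service socket proto wait-flag user server-path args

# Constructed sample file, not taken from the thread.
SAMPLE_INETD_CONF = """\
# /etc/inetd.conf (constructed sample)
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd       in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd       in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd       in.rshd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd       in.fingerd
auth    stream  tcp  wait    root    /usr/sbin/in.identd  in.identd
"""

# Services named in the thread; this set is an assumption, adjust per host.
DISABLE = {"ftp", "telnet", "finger"}


def parse_line(line):
    """Return a dict for an active service line, None for comments/blanks."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return None
    fields = stripped.split()
    if len(fields) < 6:          # malformed or truncated entry
        return None
    return {
        "service": fields[0],
        "user": fields[4],
        "server": fields[5],
        # True when the daemon is started through TCP Wrappers (tcpd)
        "wrapped": fields[5].rsplit("/", 1)[-1] == "tcpd",
    }


def enabled_services(text):
    """List every service inetd would actually start from this config."""
    return [e for e in map(parse_line, text.splitlines()) if e]


def harden(text, disable=DISABLE):
    """Return the config with the unwanted services commented out."""
    out = []
    for line in text.splitlines():
        entry = parse_line(line)
        out.append("#" + line if entry and entry["service"] in disable else line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for e in enabled_services(SAMPLE_INETD_CONF):
        note = "" if e["wrapped"] else "  (not behind tcpd)"
        print(f"{e['service']:8} runs as {e['user']}{note}")
    print(harden(SAMPLE_INETD_CONF))
```

inetd rereads its configuration only when it receives SIGHUP, so an edited file takes effect after that signal or a restart.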
 