[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Ive been hacked - they got root!

From: Jeff <jeff virgin net>
To: Redhat List <redhat-list redhat com>
Subject: Ive been hacked - they got root!
Date: Fri Jan 2 13:35:06 2004

Peeps

Just had a look at yesterdays logwatch mail and noticed that someone has
logged in as root via ssh 6 times from the IP address of the place I
work. I don't think it's been done maliciously, more of a 'look what i
did <laugh, laugh>'. I have looked at /var/log/secure and there's no
evidence in there about it so it looks like theyve covered their tracks.

Does anyone know how I can find out what they did and how to prevent
stuff like this happening again (yes - Ive already changed the
password). Ive already looked at the bash history file with no luck

Thanks

A slightly worried Jeff

Follow-Ups:
- Re: Ive been hacked - they got root!
  - From: Jeff

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]