[lug] HACKED!

stimits at comcast.net stimits at comcast.net
Mon Feb 27 15:11:34 MST 2012


Hi,

Looks like you already solved this, but wanted to suggest something:
If you really want to know about such things, and doubt the machine you
are working on, snort is a very good tool for detecting what is happening.
You'd have to install it on another machine. Hmm...maybe a port to
Android with wifi bridging... :)

Also, I'd go to /etc/, and use recursive egrep on that dotted-decimal
IP address, e.g.,
egrep -R '1.2.3.4'
(technically you'd want to escape the '.', but in practicality you won't
see false positives on such unique numbers as IP addresses).

D. Stimits, stimits AT comcast DOT net
...

"The difference between genius and stupidity is that genius has it's limits"  Albert Einstein
                           
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20120227/119b0dc7/attachment.html>


More information about the LUG mailing list