Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Our system was hacked
Special Forums Cybersecurity Our system was hacked Post 303037161 by MadeInGermany on Thursday 25th of July 2019 03:13:26 AM
Old 07-25-2019
Look in root's homedir for .history .bash_history or similar files.
Run the history command in the respective shell(s).

Ordinary system logins are listed with the last command.

Consult the system logs, for system access and unusual events.
Is there a su or sudo log in /var/log/ or /var/adm/?
Do you happen to have system accounting (sa) running?

Run netstat -a and look for LISTEN; what services are running that use the ports?
Do these services have extra logs?

How good is your root pw? The longer the better.
Did you switch from the 13byte Unix crypt to another crypt that allows longer pws?

Are you sure your system was hacked at all?
Maybe there was a fatal human error like
Code:
tar cf - dir | tar xf -

where the read files are already opened for writing, and such data corruptions can occur.
This User Gave Thanks to MadeInGermany For This Post:
drl
 

3 More Discussions You Might Find Interesting

1. Linux

pc hacked

Hi, i think someone has hacked my server, the following rules used to come which i haven't put. Please help me i couldnt find out how this rules are apply, i think someone has put an script which generates enables the rules. But after restarting the iptables everything seems to be working... (0 Replies)
Discussion started by: naik_mit
0 Replies

2. Cybersecurity

How to know when you've been hacked

One of the most important ways to keep tou machine secure is to know when it has been broken into. The less time hackers have on your system, the less they can do to it, and the greater you chancens of kicking them off and repairing the damage. The more sophisticated the hacker, the less likely... (8 Replies)
Discussion started by: binhnx2000
8 Replies

3. Cybersecurity

Server hacked on known port

Hi, There is a recent case whereby it was reported that one of the production servers was hacked on port 1521. However, I am not sure how this was possible, as I checked that the OS firewall (iptables) is on : # /etc/init.d/iptables status Table: nat Chain PREROUTING (policy ACCEPT) num ... (7 Replies)
Discussion started by: anaigini45
7 Replies

LEARN ABOUT DEBIAN

net::irc::dcc

DCC(3pm)						User Contributed Perl Documentation						  DCC(3pm)

NAME

       Net::IRC::DCC - Object-oriented interface to a single DCC connection

SYNOPSIS

       Hard hat area: This section under construction.

DESCRIPTION

       This documentation is a subset of the main Net::IRC documentation. If you haven't already, please "perldoc Net::IRC" before continuing.

       Net::IRC::DCC defines a few subclasses that handle DCC CHAT, GET, and SEND requests for inter-client communication. DCC objects are created
       by "Connection->new_{chat,get,send}()" in much the same way that "IRC->newconn()" creates a new connection object.

METHOD DESCRIPTIONS

       This section is under construction, but hopefully will be finally written up by the next release. Please see the "irctest" script and the
       source for details about this module.

AUTHORS

       Conceived and initially developed by Greg Bacon <gbacon@adtran.com> and Dennis Taylor <dennis@funkplanet.com>.

       Ideas and large amounts of code donated by Nat "King" Torkington <gnat@frii.com>.

       Currently being hacked on, hacked up, and worked over by the members of the Net::IRC developers mailing list. For details, see
       http://www.execpc.com/~corbeau/irc/list.html .

URL

       Up-to-date source and information about the Net::IRC project can be found at http://netirc.betterbox.net/ .

SEE ALSO

       o   perl(1).

       o   RFC 1459: The Internet Relay Chat Protocol

       o   http://www.irchelp.org/, home of fine IRC resources.

perl v5.8.8							    2008-01-24								  DCC(3pm)
All times are GMT -4. The time now is 08:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy