SpikeyKlitske Posted November 16, 2004 Report Share Posted November 16, 2004 A nice clean install after this sounds like the only right solution with passwords in et all. Rather than installing yahoo messenger I would prefer to use gaim. It is a multi-protocol instant messenger servvice, easy to use and not as commercialy compromised as yahoo. Quote Link to comment Share on other sites More sharing options...
iphitus Posted November 17, 2004 Report Share Posted November 17, 2004 How can creating new accounts this time with passwords help to correct the situation ??? It would appear to me that these two users are either careless and irresponsible about what they connect to, or unknowingly have connected to contaminated sites. Surely the best response is to insist on blocking them from Yahoo crap and to educate them about what kind of sites to NOT connect to. Wanting to play games is not a really smart reason for justifying putting a computers integrity at risk regardless of player arguments. John. <{POST_SNAPBACK}> Whoa, relax. Firstly, Yahoo is not cr*p. Secondly, visiting a site in firefox or just about any Linux browser is a perfectly safe thing. There are barely any sites that carry firefox exploits (there are some) and out of the very few that you do, you have to agree to install it. And even then, the exploit is probably targetted at windows. As for YIM, same thing applies, any exploits are targetted at windows, and we're behind a decent firewall here too! Secondly they are behind a firewall and router, it would take an extreemely capable and effective cracker to pass that, then default linux security. If they did get past your firewall and router -- they would find a password a mere trifle to pass. 99% of the things out there are either virus's or script kiddies, I really doubt you have been hacked. So for this to be a hack attempt, we're looking at someone very capable. Unlikely. If you're really sure check your firewall logs for something, but if they are 'that' knowledgable, they would have cleared those out. Besides you wouldnt be a target would you? I dont think you were hacked, something else has stopped KDE from running.... As for the world writable files, they're all fine, nothing wrong there, the suid binaries? i dont know, that *is* a bit wierd. KDE not starting? Why not find out *WHY* its not starting, it doesnt just not start without a reason. Look in ~/.xsession-errors Boot knoppix or something and fsck the partitions, also do a disk check. I have a wild gut feeling that fs corruption might have done something... Thats all i've got to say iphitus Quote Link to comment Share on other sites More sharing options...
b Posted November 17, 2004 Report Share Posted November 17, 2004 Hi crazyspongebob How about status/feedback, please! Quote Link to comment Share on other sites More sharing options...
Michel Posted November 17, 2004 Report Share Posted November 17, 2004 maybe there is a setyting ina gui for this, but in /etc/pam.d you can configure from where a user can login ... better than nothing. If you say local it is difficult to fake It hink, not sure though. Quote Link to comment Share on other sites More sharing options...
crazyspongebob Posted November 19, 2004 Author Report Share Posted November 19, 2004 Hi crazyspongebobHow about status/feedback, please! <{POST_SNAPBACK}> I have deleted those two users and their home directories, and then added them back with passwords. Now it is fine. I just don't know what they did the box. The box is still running Mozilla 1.6 and no Firefox. I am testing Firefox 1.0 on my account only, not systemwide. I am thinking of installing it systemwide. I just wonder like iphitus if my system is really hacked. It's just really hard to pass both IPCop and then Shorewall with no outside connection allowed. Quote Link to comment Share on other sites More sharing options...
b Posted November 20, 2004 Report Share Posted November 20, 2004 "I just wonder like iphitus if my system is really hacked." Me too. Assuming what I sugested in a previous post came up empty or clear I would attack that machine with a recent nessus. Also would get to know that machine intimately and not forget that a wipe is peace of mind. Hope you are enjoying this. Much better then tv I find. Quote Link to comment Share on other sites More sharing options...
jagibbs Posted November 20, 2004 Report Share Posted November 20, 2004 (edited) A small detail compared to the larger situation, but... I am currently using Yahoo messenger through Kopete. It's Mandrake 10.1 though so maybe that has something to do with it. Edited November 20, 2004 by jagibbs Quote Link to comment Share on other sites More sharing options...
crazyspongebob Posted November 20, 2004 Author Report Share Posted November 20, 2004 I am currently testing out BeOS PE 5 Max on the box. I tried it about four years ago and really liked it. I haven't had time to try the Pro edition. Then Be went under. Recently, searching the net and coming across the Max Edition. I love the fast loading GUI of BeOS. I put Mozilla Firefox on and off I go. However, M$ hotmail does not let me log in using Firefox. I am posting this on the box with BeOS. But I will wipe it clean and load either Mandrake 10.0 or FC3. Thanx all, J.T. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.