
BLU Discuss list archive



removing a Linux Keylogger



Bob BLU wrote:
> I'm also curious to see if either of these root kit checkers picked it up...

FYI -
    I tried both rkhunter and the chkrootkit and neither detected 
anything. After some consideration, I believe that my machine was not 
the one that was compromised, but rather that some other machine that I 
logged into my machine _from_ had the keylogger. The evidence indicates 
that the nefarious person(s) had my username & password, but perhaps had 
not ever logged into my machine. As I stated earlier, this machine only 
had 2 accounts on it, and neither had guessable passwords (and the 
account that wasn't root was 'grant', which I would guess is an unlikely 
login for any machine to waste a brute-force on).
    The concern here is that I am regularly logging into this machine 
from other machines around the world, and I will have to continue to do 
so. I think my only choice here is an incredibly unprivileged account 
that can still get access to what I need off of my machine or to put 
files onto my machine. It will make things a royal pain to deal with, 
but I think it's my only real option.

-=Grant M=-





BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org