Hello there, I am a rather n00bish linux administrator attempting to provide a service to my friends; a Minecraft server.
I noticed a few months ago while popping in over VNC to check on it that someone had run some commands on my box. I wanted to see where I could go to learn more about them, what happened, how they gained entry and what they planned to do.
All of my Google research has pulled up that this mechlinux is indeed associated with malware. I've given up on actually planning on salvaging the system; I plan a full on nuke of it to start again fresh. Some of my foolish mistakes were that I did not use SSL to administer the network, didn't set up a firewall, and used unsecure passwords. I will not make that mistake again, but if anyone else could help me to see exactly what happened with my system, I would be quite grateful.
tar zxfv mechlinus.tgz