View Full Version : [ubuntu] Have I been owned?
jsvidyad
December 30th, 2012, 10:07 AM
Hello,
I just read the following wiki about ubuntu security: https://wiki.ubuntu.com/BasicSecurity/DidIJustGetOwned. That got me thinking about a post I made earlier : http://ubuntuforums.org/showthread.php?t=1830859 . At that time, I had posted a copy of my syslog file and then deleted it because I was under the impression that it was not safe to post it. What do you think? Do you think there is some reason for me to get worried?
Ms. Daisy
December 30th, 2012, 05:04 PM
Worried about what? That you posted your syslog for a few minutes?
Or are you worried about the contents of the syslog? Dangertux already gave you his two cents in your previous thread.
jsvidyad
January 4th, 2013, 06:28 AM
Hello Ms. Daisy,
I recently read that ubuntu wiki article by you(the one I referred to in the first post) mentioning that suspicious time stamps in the syslog file could be an indication of a intruder break in. That reminded me about that earlier incident I reported in that earlier thread(which happened over an year ago). And that got me worried. That's why I started this thread. Now, it's true that I got that reply from Dangertux. But, I am not sure if he made that reply before I deleted the syslog file I attached and therefore if he got a chance to look at the contents of that file. I would have attached that file to this post if I had not been worried that someone could get access to my system through the contents of that file. So, I am not sure if I need to get someone else to have a look at that file and if yes, how to do it securely.
cariboo
January 4th, 2013, 09:22 AM
You can post your syslog output, without a problem, if you do a search and replace of your external ip address, any thing in the 192.168.xx.xx and 10.0.xx.xx net blocks are non-routeable (can't be accessed from the internet), if you are behind a router that uses NAT.
Ms. Daisy
January 5th, 2013, 02:51 AM
FWIW the wiki isn't "by" me, I was just one of many contributors.
jsvidyad
January 25th, 2013, 07:26 AM
You can post your syslog output, without a problem, if you do a search and replace of your external ip address, any thing in the 192.168.xx.xx and 10.0.xx.xx net blocks are non-routeable (can't be accessed from the internet), if you are behind a router that uses NAT.
Unfortunately, my computer is not behind a router and therefore that file shows its external ip address. Is it still safe to show that file?
Ms. Daisy
January 25th, 2013, 04:24 PM
Just mask the last two octets in the IP address, something like this: 204.58.x.x
Powered by vBulletin® Version 4.2.2 Copyright © 2025 vBulletin Solutions, Inc. All rights reserved.