Type: Posts; User: dunbrokin; Keyword(s):
Panic over....there is an evil Easter egg in Cheese...where after a certain number of photos, a voice is activated and says a number of different phrases.......So all that for nothing....now I have...
When I do an AutoScan Network, I find that my Router (10.1.1.1) has two open ports - Telnet and Http.....I presume the http is the internet connection....but why do I need the Telnet? ...and is that...
I am beginning to wonder whether the intruder came through Skype to my webcam...Skype has been acting weird lately - using up a lot of CPU so I have deleted it from my system.
But the VNC server is behind my AP with the router firewall enabled...
I am not sure that my AP is accessible from outside...how do I check that. The password is not standard....but probably not that difficult to break under repeated attachk.
tcp 1 0 pj-xxx.loc:37981 p3plpkivs-v03.any.p:www CLOSE_WAIT tcp 0 0 pj-xxx.loc:49672 wf-in-f125.:xmpp-client ESTABLISHED tcp 215 0 pj-xxx.loc:51374...
I live in remote Otago....I take your point...but chances realistically about zero, when you can cruise around Queenstown and pick up as much as you want!
Does this help any? Why would iptstate be showing nothing?
Indeed...that is what I mean by it was a tagging prank rather than a malicious intrusion.....but it still leaves me with the problem of trying to prevent it from happening again. Even if I do a fresh...
Thanks again for that....I appreciate your help. I am sure you are right in that I have not been cracked...as in that some malware was not placed on my PC. An intruder certainly was present...but ...
I am not really concerned about the personal data situation...it is more the snooping/spying on people through their webcam etc that bothers me. I am not sure what you mean by "unlikely incident"...
The Firewall and NAT service is enabled on my router. No port redirection set up on the router.
How would the admin page be accessible from outside? Not sure I understand your suggestion " please check in your AP the firewall and port redirection sections"
Is your Wireless AP the router for your net? Yes. Are you using a dynamic ip or fixed one? Dynamic Your Wireless AP is accesible via web? from inside or it's enabled the remote admin (web...
Thanks, once again, for your help.... So, after all that we are none the wiser how the intruder got in ....or how he can be stopped in the future?!
bump
To further complicate matters, my weather PC is showing at 100% CPU all the time despite the attached from "top"
From rkhunter - the same warning occurs on both machines.... [18:08:13] Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file. [18:08:13]...
No password between the VNC weather machine and the main PC...which, presumably, is how ge got in....
I appear to have caught a fish on my weather machine.....what do I do now? This is part of the output of chkrootkit. Checking `asp'... not infected ...
Thanks for that....here is the output...first of the main machine...then of the weather machine. ~$ sudo nmap -sT -v -p- localhost Starting Nmap 4.76 ( http://nmap.org ) at 2009-06-27 16:10...
These are the netstat results from both of my machines.
I installed it from the repositories.
I am using WEP with a secure password.....for somebody to hack into my wireless, they would have had to sit outside my house in 1 degree C last night....and as I say, I live in a remote area. It is...
But if I attach this information as you suggest, would that not give more information to a hacker when he sees it here and so make me more vulnerable.