[NTLUG:Discuss] Have I been hacked?
Bobby Sanders
ssanders at vzinet.com
Wed Apr 10 00:20:52 CDT 2002
On April 5th LogWatch shows:
Connections:
Service in.telnetd:
216.139.215.3: 1 Time(s)
On April 9th LogWatch shows:
--------------------- sendmail Begin ------------------------
676590 bytes transferred
96 messages sent
**Unmatched Entries**
gethostbyaddr(206.50.48.104) failed: 2
---------------------- sendmail End -------------------------
I've never sent 96 messages at once on purpose. (This machine is not
on a local area network.)
Have I been hacked? If so, how do I locate and stop it. I don't need
telnet services into the machine but have left the RH 6.2 in its
default configuration. I have always felt relatively safe since my ISP
assigns dynamic dotted quads.
Guess I need to change my attitude! :( bummer.
As usual, all help will be greatly appreciated.
Bobby
More information about the Discuss
mailing list