well... yes, it all sounds quite strange, at least for the ghostly dhcpd launch... I might even try to believe that a program could need some info in the netstat result, but dhcpd...
Quote:
i think my machine should be quite secure. my firewall is almost completely stealthed.
|
it's a good start, but it's not the security panacea. Running programs with root privileges might make your firewall useless.
As far as I know, there are no explicit reasons to believe you've been hacked, just strong suspects.
All I can suggest you is to disconnect the computer from the internet, clone the HD (for research purposes) and try to see if you get some info in the /var/log directory.
You can also use some interesting tools like chkrootkit, rkhunter (rookit hunter) or tiger.