LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 11-19-2021, 04:17 AM   #1
abtthj
LQ Newbie
 
Registered: Nov 2021
Posts: 7

Rep: Reputation: Disabled
Angry I keep getting hacked


I have gotten hacked multiple times in the past decade. The Hacker, who is suspected to be my relative's friend. He is able to hack me in under 3 days. I think he uses brute force. Even, If I change it every 3 days. He is still able to hack it. Even if it is long and uses Captial Letters.

In my bin directory there is something called logger. Which does nothing except empty the terminal and make you write in it. It was running as a bg proccess with the RSS logo.

Yesterday, he came for a dinner party and when I came back it was still on and new apps were open. This was the first time I had accidentally left it on.

I have seen a lot of other people, with a relative's friend or relative doing this to them. Help!
 
Old 11-19-2021, 05:07 AM   #2
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 3,189
Blog Entries: 4

Rep: Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446
I keep getting hacked

Wipe your computer and reinstall the operating system. Turn off any services you don't need. Set up a firewall.
 
Old 11-19-2021, 05:17 AM   #3
yancek
LQ Guru
 
Registered: Apr 2008
Distribution: PCLinux, Slackware
Posts: 9,584

Rep: Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150
In addition to the very good suggestion in post 2, I would suggest you not have contact with him much less invite him over for a dinner party??

Also, what was his response when you broached the subject with him directly.
 
Old 11-19-2021, 04:18 PM   #4
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,188

Rep: Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752
Complain to your relative, and also ask both of them to please not use your computer when they’re guests.

Last edited by dugan; 11-19-2021 at 04:54 PM.
 
Old 11-19-2021, 05:21 PM   #5
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys
Posts: 3,932

Rep: Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735Reputation: 3735
The easiest way to "hack" a PC is physical access, so don't allow him near your PC, and ideally logoff when you're not around. Use a serious password for yoour Username and an even better one for root. Still, despite an increase in scamming, phishing, hacking, etc since Covid Lockdown, the highest percentage of passwords are still commonly like "qwerty", "123456" etc. Don't do that! Choose one that is actually relatively secure mixing lower case and capital letters with numbers and preferably not a common word or phrase. If you must, use a password manager or even write them down if you can secrete the list where it is unlikely to be discovered.

For guarding against external hacks, a solid firewall is a must. It's a good idea to check every now and then for rootkits. I wouldn't be concerned in 2021 about anything other than rootkits like malware and viruses. The above practices worked perfectly for me even when I ran a public Minecraft server up 24/7 for almost 2 years. There were attempts. None succeeded.
 
Old 11-19-2021, 05:48 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 24,292

Rep: Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138
Quote:
Originally Posted by abtthj View Post
I have gotten hacked multiple times in the past decade. The Hacker, who is suspected to be my relative's friend. He is able to hack me in under 3 days. I think he uses brute force. Even, If I change it every 3 days. He is still able to hack it. Even if it is long and uses Captial Letters.

In my bin directory there is something called logger. Which does nothing except empty the terminal and make you write in it. It was running as a bg proccess with the RSS logo.

Yesterday, he came for a dinner party and when I came back it was still on and new apps were open. This was the first time I had accidentally left it on.

I have seen a lot of other people, with a relative's friend or relative doing this to them. Help!
Help with what, exactly??? You claim to invite this 'hacker' into your house, and leave them unattended with your computer...which was ostensibly logged in as you, and turned on?? And you're somehow SURPRISED they did something? Did it ever occur to you that this 'hacker' simply set up their own user account on your system?? You claim that 'new apps' were open...did they get INSTALLED, or did they just use your computer? Anything in the way of proof? Since you're asserting that you're being 'hacked', what evidence do you see of it? Data deleted?? Malware? What??

And you're also aware that logger is an actual Linux command, right???
https://man7.org/linux/man-pages/man1/logger.1.html

This goes with the many other "I've been hacked, and they're so skilled they leave traces EVERYWHERE, and I know who they are, but I need help!" threads that are on this site.
 
Old 11-19-2021, 06:51 PM   #7
enigma9o7
Member
 
Registered: Jul 2018
Location: Silicon Valley
Distribution: Bodhi Linux
Posts: 736

Rep: Reputation: 269Reputation: 269Reputation: 269
Quote:
Originally Posted by abtthj View Post
In my bin directory there is something called logger. Which does nothing except empty the terminal and make you write in it
It can do more than that. Read the man page. It is used for adding things to system logs.
Code:
man logger
Quote:
Originally Posted by abtthj View Post
I have seen a lot of other people, with a relative's friend or relative doing this to them. Help!
What exactly are you seeing? You are seeing your relative or his friend hacking people? If you don't want to see, don't hang out with him anymore.

Or are you saying you see people getting hacked? Where are you seeing this? What does it look like? Maybe don't go there anymore, I've lived my whole live and never seen that happen to anyone, certainly not lots of people.

Last edited by enigma9o7; 11-19-2021 at 06:55 PM.
 
Old 11-20-2021, 02:55 AM   #8
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 18,127
Blog Entries: 12

Rep: Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521Reputation: 5521
Quote:
Originally Posted by abtthj View Post
I have gotten hacked multiple times in the past decade. The Hacker, who is suspected to be my relative's friend. He is able to hack me in under 3 days. I think he uses brute force. Even, If I change it every 3 days. He is still able to hack it. Even if it is long and uses Captial Letters.

In my bin directory there is something called logger. Which does nothing except empty the terminal and make you write in it. It was running as a bg proccess with the RSS logo.

Yesterday, he came for a dinner party and when I came back it was still on and new apps were open. This was the first time I had accidentally left it on.

I have seen a lot of other people, with a relative's friend or relative doing this to them. Help!
Nothing in the first 2 paragraphs makes any sense, except that one might have seen similar scenes in a cheap movie.

If you aren't trolling us, provide a real problem description please.
 
Old 11-25-2021, 11:31 AM   #9
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, UK
Posts: 2,692
Blog Entries: 6

Rep: Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276Reputation: 2276
Quote:
Originally Posted by abtthj View Post
I have seen a lot of other people, with a relative's friend or relative doing this to them. Help!
Yes, happens to me all the time... those damned relatives and/or relatives' friends just waltzing in and hacking into my computers...

These relatives and or relatives' friends, assuming they have physical access don't need to "hack" you. The can simply reboot into single user mode and change the root and or user account passwords... if someone has physical access to the box - it's game over.

Last edited by cynwulf; 11-25-2021 at 12:48 PM.
 
Old 11-25-2021, 11:53 AM   #10
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDo, tinycore, Q4OS,Manjaro
Posts: 4,085

Rep: Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893Reputation: 1893
1. Do not assume you are hacked. Often, there are other explanations for what you see.

2. Do not assume you know the hacker. You may, but few hackers leave a signature with their name and address. Some DO leave names and addresses, but as deception: not their own.

3. Do not open yourself or your machines to breaking. Use decent security practices, implement intrusion detection (preferably with logging to a remote node such as another machine, cloud storage, etc) so you can examine it later and detect WHEN and WHERE you were hacked. This will help you detect WHO hacked in.

4. Keep a recovery book (As field engineers, we call it a continuity document) that documents the basic hardware and any changes you make, the software that is significant, and the settings. Using this document you should be able to replace or reload the machine on new or cleaned iron fairly quickly if it is breached.

5. Maintain ROTATING BACKUPS so that you can restore critical files from a day, or two days, or three days, or last week, or last month at will. Not your entire machine, but just your custom or unique software, documents, and any important data. If it is REALLY important make sure you have one copy offsite (in the cloud perhaps) so you or someone you designate can get to it should your machine be down or compromised, and you need it.

OR, you can skip most of that and just reload your machines completely and often and store NOTHING on them that will compromise you to lose of have stolen. running something like TinyCore or Puppy Linux from a USB key that you keep on your person is certainly an option.

If any or all of that seems like overkill, consider that it is less stressful than the time and worry you have put into this so far!
 
Old 11-26-2021, 12:08 AM   #11
abtthj
LQ Newbie
 
Registered: Nov 2021
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by TB0ne View Post
Help with what, exactly??? You claim to invite this 'hacker' into your house, and leave them unattended with your computer...which was ostensibly logged in as you, and turned on?? And you're somehow SURPRISED they did something? Did it ever occur to you that this 'hacker' simply set up their own user account on your system?? You claim that 'new apps' were open...did they get INSTALLED, or did they just use your computer? Anything in the way of proof? Since you're asserting that you're being 'hacked', what evidence do you see of it? Data deleted?? Malware? What??

And you're also aware that logger is an actual Linux command, right???
https://man7.org/linux/man-pages/man1/logger.1.html

This goes with the many other "I've been hacked, and they're so skilled they leave traces EVERYWHERE, and I know who they are, but I need help!" threads that are on this site.
My Relative brought him. I didn't invite him and kept calm near him.
 
Old 11-26-2021, 05:48 AM   #12
yancek
LQ Guru
 
Registered: Apr 2008
Distribution: PCLinux, Slackware
Posts: 9,584

Rep: Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150Reputation: 2150
Quote:
My Relative brought him. I didn't invite him and kept calm near him.
In your initial post, you seem to indicate that this individual has "hacked" your computer on multiple occasions over the past decade. If you had some evidence of this, did you show it to your friend and explain it to him and ask him not to bring this person to your home again?

You have been given a lot of suggestions in the posts above that would help to prevent such behavior from occurring and most of it is advice that would be easily available with a simple online search. You've basically posted generalities with no specific evidence. If this has been going on for a decade, the least you would be expected to do is speak with your relative about not bringing the friend to your home after presenting him with some evidence of the alleged culprits activities.
 
Old 11-26-2021, 09:23 AM   #13
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,188

Rep: Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752Reputation: 4752
Are you using a screen locker? For example: a screen saver that only goes away if you enter a password?
 
Old 11-26-2021, 11:14 AM   #14
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 24,292

Rep: Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138Reputation: 7138
Quote:
Originally Posted by abtthj View Post
My Relative brought him. I didn't invite him and kept calm near him.
Again: you have provided zero evidence that you've been 'hacked', and still haven't provided any details about the actual situation. Saying "new apps were open" is meaningless. If this 'hacker' is known to you, what do you need from us?? Tell them not to come to your house...your problem is now solved.
 
  


Reply

Tags
family, hacked, logger, relative


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] is it possible to keep pan instance keep running remotely ssh matters Slackware 8 02-25-2011 09:54 AM
[SOLVED] My network is hacked for sure. I want to reinstall but it will be hacked again. MsRefusenik Linux - Security 19 10-18-2010 06:02 PM
keep getting disconnected, keep having to invoke dhclient funkymunky Linux - Wireless Networking 1 04-01-2007 11:36 AM
Got Hacked... fedora is keep sending stuff out at port 6664 woranl Linux - Security 19 12-26-2005 06:31 PM
/var/log/messages keep repeating this message, am i hacked? grant-skywalker Linux - Security 3 12-10-2005 01:36 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 04:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration