LinuxQuestions.org


sharky 01-28-2011 07:51 AM

Another user is controlling your desktop
 
Got on my system just before 6am this morning. It's a Linux Mint 10 install. A dialog popped up in the top right corner stating that another user was controlling my desktop. There was a URL indicated also. The dialog only stayed up a moment so I don't remember what it was.

I had no idea who it was or how they gained access. I use WEP with a 26 character key. I've now turned on MAC ID filtering also. When I rebooted my system it wouldn't come up. GRUB returned 'hd0,msdos1'.

I plugged in another computer and I'm downloading the ISO to put on a thumb drive and will boot from that.

cantab 01-28-2011 08:06 AM

WEP is easy to break. Use WPA if possible.

sharky 01-28-2011 09:40 AM

Quote:

Originally Posted by cantab (Post 4240529)
WEP is easy to break. Use WPA if possible.

Apparently so. Looks like the asshole deleted my home directory and screwed up grub. They probably got my .mozilla directory so I'll have to change passwords to everything. Whoever it was I think I could shoot them and sleep soundly that night.

Pardon my tone but I'm pissed.

lazydog 01-28-2011 10:41 AM

They might have done more than that. I would erase and re-install and before going on the network fire up a firewall to protect against this.

Here is a simple firewall rule set that will allow you to do everything and stop any new connections that you didn't start:

Code:

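# Flush all rules, delete user-defined chains, zero the counters
iptables -F
iptables -X
iptables -Z
# Default policy: drop inbound, allow outbound
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# Allow loopback so local services on this machine keep working
iptables -A INPUT -i lo -j ACCEPT
# Allow replies to connections this host started
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT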

Next time he comes calling he won't get in.
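To see which services the default-drop INPUT policy above is shielding, list the TCP listeners bound to non-loopback addresses. This is an added example, not part of the original post; it parses `ss -H -ltn` style output, and the sample lines and the function name are constructed for illustration.

```shell
#!/bin/sh
# Added example: report TCP listeners reachable from the network, i.e. the
# sockets a default-drop INPUT policy keeps other hosts on the LAN away from.

# Constructed sample in `ss -H -ltn` format
# (State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).
# 5900 is the conventional VNC / remote desktop port.
SAMPLE='LISTEN 0 5 0.0.0.0:5900 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 5 192.168.1.20:139 0.0.0.0:*'

# Reads ss-style lines on stdin and prints "port address" for every
# listener that is NOT bound only to loopback, sorted by port.
exposed_listeners() {
  awk '$1 == "LISTEN" {
    sock = $4
    if (!match(sock, /:[0-9]+$/)) next      # last colon separates the port
    addr = substr(sock, 1, RSTART - 1)
    port = substr(sock, RSTART + 1)
    gsub(/^\[|\]$/, "", addr)               # strip IPv6 brackets
    if (addr ~ /^127\./ || addr == "::1") next   # loopback only: not exposed
    print port, addr
  }' | sort -n
}

# Run against the constructed sample; on a live system use:
#   ss -H -ltn | exposed_listeners
printf '%s\n' "$SAMPLE" | exposed_listeners
```

Anything this prints accepts new connections from other hosts unless a rule set like the one above drops them, so it is worth running before and after disabling a service such as remote desktop.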

jlinkels 01-28-2011 01:21 PM

So?

Another user on the same network as this computer, and...? Since when is being on the same LAN identical to being in control of a computer? On my LAN hundreds of other users are connected, no one is able to break into my computer. :confused:

jlinkels

lazlow 01-28-2011 02:21 PM

If your ssid is on the rainbow table list they can probably get in in under a minute. So make sure you change your ssid to something not on the list (at least they will have to try harder). You might also consider changing your ssid at least once a month. Long term, switching to a wired connection is the best way out. Cat6 is relatively cheap online and is not all that difficult to run.

sharky 01-28-2011 05:45 PM

Thanks to all for the support and suggestions. I'll reinstall and lock it down. Firewall, WPA, ssid changes, etc.

Lesson learned.

lazydog 01-29-2011 08:29 PM

You could take this one step further and set up MAC filtering and then only allow your MAC.
On my WAP I use WPA-TKIP, MAC Filtering and No Broadcast of SSID.

lazlow 01-29-2011 08:36 PM

Mac spoofing is really easy and not advertising the SSID does not mean that it is not broadcast. Both are good things to do but will not really give you much extra security from any attacker other than a novice.

lazydog 01-29-2011 08:40 PM

All true, but not advertising your presence normally means you will be overlooked.
The only time you are a target is when they know of your presence.
Only good security measures will protect you in the long run.

lazlow 01-29-2011 08:48 PM

If the router is usable then the SSID is easily detectable.


This is just the first hit on google.

EDDY1 01-29-2011 09:44 PM

Just turn off remote desktop.

lazydog 01-30-2011 11:59 AM

Quote:

Originally Posted by lazlow (Post 4241975)
If the router is usable then the SSID is easily detectable.
This is just the first hit on google.

To set the record straight if you don't want to be hacked then don't connect.
All these things are steps to hide from the Hackers, not ensure that they cannot find you.
If you are connected and using the connection you will be found sooner or later.

sharky 01-30-2011 04:59 PM

I'm not sure I was hacked now. The system still will not boot off the hard drive even after doing several reinstalls. I wonder if a hardware failure is what prevented the reboot. Could the intrusion have been coincidental? I've heard it's possible to remotely break hardware but I'm not quite paranoid enough to believe I would be targeted for such a malicious attack.

The system will boot off a usb drive but not reliably. Sometimes it boots and other times it hangs. And I always have to hit 'tab' at the grub prompt and manually enter 'live' for it to work at all. (that was with mint linux 10)

It only boots reliably from a DVD live disk.

Trying to boot the hard drive installation and Grub returns "error: hd0,msdos1 disk read error" > that may not be the exact syntax.

I mounted the hard drive from a live usb session and it took a really long time to copy some relatively small files -> 60 seconds for a file less than 100k. That led me to consider maybe the hard drive was going bad. However, I tried OS installation with a different hard drive and it also would not boot.

I think I'm hosed.

sharky 01-30-2011 07:27 PM

That box is for sure hosed. I swapped in a disk from a system that was booting fine and it wouldn't boot. I'm guessing there's something buggy in the SATA controller, except that doesn't explain why it seems to run fine from DVD. Oh well.


All times are GMT -5.