LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   I'm probably being HACKED, help !! (https://www.linuxquestions.org/questions/linux-security-4/im-probably-being-hacked-help-222692/)

jmr0311 08-26-2004 11:00 AM
I'm probably being HACKED, help !!
 
What is .ICEauthority hidden file in my home directory ? . I notice my machine a little slow, and I'm wondering if my system is being compromise. I'm not running any server, and there is only one user, ME. I read this line " MIT-MAGIC-COOKIE " inside that file. In one instance I notice around three hidden files with this name " .dcopserver_localhost_0 " and all of the sudden they disappear in front of my eyes. Can anyone help me understand what's going on?
I notice something. This is the way when I open terminal that the first line in terminal use to look;
[jmr0311@home-desktop jmr0311]$

Now, after I seen all this unexplicable behavior in my system I notice the line in terminal has change to this;
[jmr0311@localhost jmr0311]$

I haven't done any change to my system. How that got change without the intervention of someone ? I being running my mandrake system for about three month using the way it was [jmr0311@home-desktop jmr0311]$ without any problem. Why now the system decide to change on its own or perhaps maybe someone did it. Just a note, the last application I install in my system was 'Firestarter". I don't know if this had anything to do with the change.

Javi

Capt_Caveman 08-26-2004 03:18 PM
The .ICEauthority, .dcopserver, and MIT-MAGIC-COOKIE are all normal files for a system that uses XWindows and are involved in authentication. Checkout the man pages for X and Xsecurity for specific info on what the files do. The change in command prompt probably has to do with either a change in the hostname or X's inability to find out what it's own hostname is. Try turning off the firewall temporarily and then restarting X. Also check the system logs, error logs and XFree logs for any relevant error messages. Also verify that the systems hostname has not been reset.

jmr0311 08-26-2004 04:16 PM
The hostname got change, cause I was looking in " /etc/hosts " and this is what it say's now ;
Quote:
127.0.0.1 localhost
This is the content of " .xsession-errors " from my system;

Quote:
Failed to load groupfile:
apps file failure
BScreen::BScreen: managing screen 0 using visual 0x23, depth 24
Xlib: extension "RANDR" missing on display ":0.0".
Warning: Failed to read WM Protocols.
Failed to load groupfile:
apps file failure
BScreen::BScreen: an error occured while querying the X server.
another window manager is already running on display %s.
:0.0
Error: Couldn't find screens to manage.
Make sure you don't have another window manager running.

** (firestarter:4037): WARNING **: gdk_keyboard_grab returned 3
NETFILTER detected
iptables v1.2.9: host/network `HOME-DESKTOP' not found
Try `iptables -h' or 'iptables --help' for more information.
Firewall started
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4331, errno = 2
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4479, errno = 2
ICE default IO error handler doing an exit(), pid = 4484, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4509, errno = 0
ICE default IO error handler doing an exit(), pid = 4504, errno = 2
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4556, errno = 2
ICE default IO error handler doing an exit(), pid = 4562, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
QMetaObject::findSignal:KFileDetailView: Conflict with QListView::doubleClicked(QListViewItem*,const QPoint&,int)
kio (KIOConnection): ERROR: Header read failed, errno=104
kio (KIOConnection): ERROR: Header has invalid size (-1)
kio (KIOConnection): ERROR: Header read failed, errno=104
kio (KIOConnection): ERROR: Header has invalid size (-1)
kio (KLauncher): ERROR: SlavePool: No communication with slave.
Mutex destroy failure: Device or resource busy
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
ICE default IO error handler doing an exit(), pid = 4598, errno = 2
ICE default IO error handler doing an exit(), pid = 4616, errno = 0
ICE default IO error handler doing an exit(), pid = 4603, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4631, errno = 2
ICE default IO error handler doing an exit(), pid = 4636, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
ICE default IO error handler doing an exit(), pid = 4664, errno = 2
ICE default IO error handler doing an exit(), pid = 4669, errno = 0
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4683, errno = 2
ICE default IO error handler doing an exit(), pid = 4688, errno = 0
gDesklets 0.26
Copyright (C) 2003, 2004 Martin Grimme, Christian Meyer, Jesse Andrews

This software is licensed under the terms of the GNU GPL.

OPTS:: [] REST:: []
[/home/jmr0311/Desklets/SysInfo/sysinfo.display]
Unknown tag: metha
[/home/jmr0311/Desklets/GoodWeather/GoodWeather.display]
Getting website...
<_sre.SRE_Match object at 0x413cb8e0>
Stinson Field
<_sre.SRE_Match object at 0x416156e0>
Thursday
===================================================
<_sre.SRE_Match object at 0x412f1e60>
SSE
Observation: ( @San Antonio, 14:53 CDT Thu 26 Aug 04 )
( with 0 forecasts )
icon : 34
sky : Fair
temperature : 35 °C
relative_heat : 38 °C
dewpoint : 18 °C
visibility : 10.0 km
uv : 9
pollution : 0
wind : SSE
wind_speed : 19 kph
reverse_wind_arrows : 0
wind_icon : wind_icons/weak/SSE.png
humidity : 37 %
pressure : 1013 mbar
pressure_change : falling
<_sre.SRE_Match object at 0x4161b098>
+++++++++++++++++++Today's Forecast++++++++++++++++++++++++
Forecast: Thu ( date=Aug 26 )
icon : 33
sky : Mostly clear
temperature_low : 23 °C
temperature_high: N/A
uv : N/A
pollution : 0
wind_speed : 0 kph
wind : Calm
humidity : 0 %
rain : 0 %
pressure : 0 mbar
pressure_change : N/A
sunrise : N/A
sunset : N/A
Forecast: Fri ( date=Aug 27 )
icon : 30
sky : Partly cloudy
temperature_low : 23 °C
temperature_high: 36 °C
uv : N/A
pollution : 0
wind_speed : 0 kph
wind : Calm
humidity : 0 %
rain : 0 %
pressure : 0 mbar
pressure_change : N/A
sunrise : N/A
sunset : N/A
Forecast: Sat ( date=Aug 28 )
icon : 30
sky : Partly cloudy
temperature_low : 21 °C
temperature_high: 34 °C
uv : N/A
pollution : 0
wind_speed : 0 kph
wind : Calm
humidity : 0 %
rain : 10 %
pressure : 0 mbar
pressure_change : N/A
sunrise : N/A
sunset : N/A
Forecast: Sun ( date=Aug 29 )
icon : 38
sky : Scattered t-storms
temperature_low : 21 °C
temperature_high: 31 °C
uv : N/A
pollution : 0
wind_speed : 0 kph
wind : Calm
humidity : 0 %
rain : 40 %
pressure : 0 mbar
pressure_change : N/A
sunrise : N/A
sunset : N/A
Forecast: Mon ( date=Aug 30 )
icon : 38
sky : Scattered t-storms
temperature_low : 21 °C
temperature_high: 30 °C
uv : N/A
pollution : 0
wind_speed : 0 kph
wind : Calm
humidity : 0 %
rain : 40 %
pressure : 0 mbar
pressure_change : N/A
sunrise : N/A
sunset : N/A
Getting website...
<_sre.SRE_Match object at 0x413cb8e0>
Stinson Field
<_sre.SRE_Match object at 0x416159a0>
Thursday
===================================================
<_sre.SRE_Match object at 0x412f1e60>
SE
Observation: ( @San Antonio, 15:53 CDT Thu 26 Aug 04 )
( with 0 forecasts )
icon : 34
sky : Fair
temperature : 35 °C
relative_heat : 37 °C
dewpoint : 17 °C
visibility : 10.0 km
uv : 7
pollution : 0
wind : SE
wind_speed : 19 kph
reverse_wind_arrows : 0
wind_icon : wind_icons/weak/SE.png
humidity : 33 %
pressure : 1013 mbar
pressure_change : falling
<_sre.SRE_Match object at 0x4161b098>
+++++++++++++++++++Today's Forecast++++++++++++++++++++++++
Forecast: Thu ( date=Aug 26 )
icon : 33
sky : Mostly clear
temperature_low : 23 °C
temperature_high: N/A
uv : N/A
pollution : 0
wind_speed QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4733, errno = 0
ICE default IO error handler doing an exit(), pid = 4738, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
Mutex destroy failure: Device or resource busy
ICE default IO error handler doing an exit(), pid = 4756, errno = 2
ICE default IO error handler doing an exit(), pid = 4764, errno = 0
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
QPixmap: Cannot create a QPixmap when no GUI is being used
kbuildsycoca running...
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!
kded: WARNING: KGenericFactory: instance requested but no instance name passed to the constructor!


All times are GMT -5. The time now is 10:48 AM.