SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Phiber Optik's again i have some "unwanted" users on my computer tyring to get into my root account... now what means would i go about to kill or kick this user offline... please help ASAP!!!!
um.... not in that sence... i own the linux box.... i dont know who this person is whom that is logged in.... how do i kick them off my linux box without restarting or pulling the internet plug???
hm.... i see.... i like your idea but unfortunently he has multiple computers and is currently at friends houses with a BUNCH of hackers... he says that he is at home on SSH but i dont know if i can believe him just yet.... regardles thanks a lot man... and if you have AIM, or GAIM IM me paintballMC117
Just kick them out. You are using slackware and you aren't rigged up...
1- Log in as root.
su
2- Kick everyone out. This kill all processes not owned by root,daemon, nobody and gdm
pkill -v -u root,daemon,nobody,gdm
3- Keep them out.
iptables -P INPUT DROP
iptables -P INPUT FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Put these iptable rules in your firewall and they can't touch you.
Now you have to rebuild the kernel and start the cleaning process. Newer know if a backdoor is installed.
Oh and change your passwords for the affected user accounts.
Just wanted to remind that you have their IPs from the logs.
So...
There are 3 choices
- complain to someone, police(delete your warez first)
- retaliation (don't expect help with it here)
- learn more about how to defend your self
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.