Phiber Optik's again i have some "unwanted" users on my computer tyring to get into my root account... now what means would i go about to kill or kick this user offline... please help ASAP!!!!

killing a user offline sounds rather illegal.

um.... not in that sence... i own the linux box.... i dont know who this person is whom that is logged in.... how do i kick them off my linux box without restarting or pulling the internet plug???

if you know their IP-nr.'s ( might be in /var/log/messages ) you can put those in " /etc/hosts.deny. "

egag

hm.... i see.... i like your idea but unfortunently he has multiple computers and is currently at friends houses with a BUNCH of hackers... he says that he is at home on SSH but i dont know if i can believe him just yet.... regardles thanks a lot man... and if you have AIM, or GAIM IM me paintballMC117

Why not kill sshd?

Just kick them out. You are using slackware and you aren't rigged up...

1- Log in as root.
su
2- Kick everyone out. This kill all processes not owned by root,daemon, nobody and gdm
pkill -v -u root,daemon,nobody,gdm
3- Keep them out.
iptables -P INPUT DROP
iptables -P INPUT FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Put these iptable rules in your firewall and they can't touch you.

Now you have to rebuild the kernel and start the cleaning process. Newer know if a backdoor is installed.


Then it's time for pay back. ;-)

Oh if it is only 1 user

pkill -u user and all his processes die.

Oh and change your passwords for the affected user accounts.

Just wanted to remind that you have their IPs from the logs.

So...

There are 3 choices
- complain to someone, police(delete your warez first)
- retaliation (don't expect help with it here)
- learn more about how to defend your self

hey Krugger you RULE please if you have AIM im me at paintballMC117 thanks!!!!

If you're really phiberoptik shouldn't you already know all of this ;-)