[SATLUG] Possible attack

hc at lookcee.com hc at lookcee.com
Thu Jan 24 11:06:23 CST 2013







hey  gang I think I may have gotten hacked at yesterday. I was in chat session  with my niece in FL & suddenly my screen had file mgr windows  opening closing I saw they all were partition Labels on the USB-BU drive and  I looked at the drive. The bright blue light was lit full blast so i hit off sw  total elapsed time was bout 5sec. led was bright blue maybe sec & half. I  have not turned dr back on yet. Mint-13 Mate 12.06

1.  I want to look at the logs to see if what happened was recorded. I have 25logs that I know of.

2. I know it wasn't me that opened that HD. sdb1, sdb3 & sdb5 were all three accessed.

3. Time was 12:55:16 at end minus few secs. The time slot of 12:54:00 to 12:55:15.

So what log(s) show disk read/write? What do I look for/under. Suggestions of what you experienced ones would do. 

I  confess in my 6yrs with the bird I have always wondered about using the logs. I would like to know what I can learn in this instance. I am not sure I was even hacked but I would like to know.
Thanks herb


More information about the SATLUG mailing list