[SATLUG] Possible attack

Marc Ripley misteratomic at gmail.com
Thu Jan 24 11:27:02 CST 2013


Wow, that's frightening.  I'm interested in learning too.
On Jan 24, 2013 11:17 AM, <hc at lookcee.com> wrote:

>
>
>
>
>
>
> hey  gang I think I may have gotten hacked at yesterday. I was in chat
> session  with my niece in FL & suddenly my screen had file mgr windows
>  opening closing I saw they all were partition Labels on the USB-BU drive
> and  I looked at the drive. The bright blue light was lit full blast so i
> hit off sw  total elapsed time was bout 5sec. led was bright blue maybe sec
> & half. I  have not turned dr back on yet. Mint-13 Mate 12.06
>
> 1.  I want to look at the logs to see if what happened was recorded. I
> have 25logs that I know of.
>
> 2. I know it wasn't me that opened that HD. sdb1, sdb3 & sdb5 were all
> three accessed.
>
> 3. Time was 12:55:16 at end minus few secs. The time slot of 12:54:00 to
> 12:55:15.
>
> So what log(s) show disk read/write? What do I look for/under. Suggestions
> of what you experienced ones would do.
>
> I  confess in my 6yrs with the bird I have always wondered about using the
> logs. I would like to know what I can learn in this instance. I am not sure
> I was even hacked but I would like to know.
> Thanks herb
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> Powered by Rackspace (www.rackspace.com)
>


More information about the SATLUG mailing list