偶不是被入侵了吧。。。请帮看看

amro · 发表于 2007-7-8 20:56:44

Post by lpw
richard, stephen 那些应该是非本机用户吧
汗一下楼主, root 敢死队啊~

- - 开始什么也不会么...........

amro · 发表于 2007-7-8 21:00:09

Post by mech
很显然是72.54.118.155等等在探测你的系统

请问为什么被盯上了呢？偶是不是应该关闭某些服务还是什么？（今天关闭了ssh服务了）
偶用的lumaqq，还有wine上的BT是不是会有问题呢？

lldd · 发表于 2007-7-8 21:08:16

学习了......顶上

我的应该没有问题吧？
# last -n 20 -f /var/log/btmp
(unknown :0                         Sun Jul  8 21:08 still logged in
(unknown :0                         Sun Jul  8 21:08 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:06  (00:00)
(unknown :0                         Sun Jul  1 00:32 - 21:06 (7+20:34)
(unknown :0                         Sun Jul  1 00:24 - 00:32  (00:07)
(unknown :0                         Wed Jun 27 09:21 - 00:24 (3+15:02)
(unknown :0                         Tue Jun 26 00:22 - 09:21 (1+08:59)
(unknown :0                         Thu Jun 21 23:22 - 00:22 (4+00:59)
(unknown :0                         Thu Jun 21 14:33 - 23:22  (08:49)
(unknown :0                         Mon Jun 18 16:40 - 14:33 (2+21:52)
(unknown :0                         Mon Jun 18 07:52 - 16:40  (08:48)
init 5 tty1                         Wed Jun 13 17:06 gone - no logout
init 5 tty1                         Wed Jun 13 16:38 - 17:06  (00:28)
init 5 tty1                         Wed Jun 13 14:28 - 16:38  (02:09)
init 5 tty1                         Wed Jun 13 13:44 - 14:28  (00:44)

btmp begins Thu Jun  7 16:20:34 2007

lldd · 发表于 2007-7-8 21:10:05

学习了......顶上

我的应该没有问题吧？
# last -n 20 -f /var/log/btmp
(unknown :0                         Sun Jul  8 21:08 still logged in
(unknown :0                         Sun Jul  8 21:08 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:06  (00:00)
(unknown :0                         Sun Jul  1 00:32 - 21:06 (7+20:34)
(unknown :0                         Sun Jul  1 00:24 - 00:32  (00:07)
(unknown :0                         Wed Jun 27 09:21 - 00:24 (3+15:02)
(unknown :0                         Tue Jun 26 00:22 - 09:21 (1+08:59)
(unknown :0                         Thu Jun 21 23:22 - 00:22 (4+00:59)
(unknown :0                         Thu Jun 21 14:33 - 23:22  (08:49)
(unknown :0                         Mon Jun 18 16:40 - 14:33 (2+21:52)
(unknown :0                         Mon Jun 18 07:52 - 16:40  (08:48)
init 5 tty1                         Wed Jun 13 17:06 gone - no logout
init 5 tty1                         Wed Jun 13 16:38 - 17:06  (00:28)
init 5 tty1                         Wed Jun 13 14:28 - 16:38  (02:09)
init 5 tty1                         Wed Jun 13 13:44 - 14:28  (00:44)

btmp begins Thu Jun  7 16:20:34 2007

amro · 发表于 2007-7-8 21:11:38

Post by lldd
学习了......顶上

我的应该没有问题吧？
# last -n 20 -f /var/log/btmp
(unknown :0                         Sun Jul  8 21:08 still logged in
(unknown :0                         Sun Jul  8 21:08 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:08  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:07 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:07  (00:00)
(unknown :0                         Sun Jul  8 21:06 - 21:06  (00:00)
(unknown :0                         Sun Jul  1 00:32 - 21:06 (7+20:34)
(unknown :0                         Sun Jul  1 00:24 - 00:32  (00:07)
(unknown :0                         Wed Jun 27 09:21 - 00:24 (3+15:02)
(unknown :0                         Tue Jun 26 00:22 - 09:21 (1+08:59)
(unknown :0                         Thu Jun 21 23:22 - 00:22 (4+00:59)
(unknown :0                         Thu Jun 21 14:33 - 23:22  (08:49)
(unknown :0                         Mon Jun 18 16:40 - 14:33 (2+21:52)
(unknown :0                         Mon Jun 18 07:52 - 16:40  (08:48)
init 5 tty1                         Wed Jun 13 17:06 gone - no logout
init 5 tty1                         Wed Jun 13 16:38 - 17:06  (00:28)
init 5 tty1                         Wed Jun 13 14:28 - 16:38  (02:09)
init 5 tty1                         Wed Jun 13 13:44 - 14:28  (00:44)

btmp begins Thu Jun  7 16:20:34 2007

你有没有在自己的FC上用lumaqq或者是wine＋BT？

lldd · 发表于 2007-7-8 21:14:23

用的是EVA 和 WINE＋BitSpirit

amro · 发表于 2007-7-8 21:19:02

Post by lldd
用的是EVA 和 WINE＋BitSpirit

谢谢～～请问lldd，有使用PAX防溢出程序么？

lldd · 发表于 2007-7-8 21:25:54

没有用什么防溢出程序，我想你修改一下root密码，然后再新建一个普通用户，用普通用户账号登陆好了

amro · 发表于 2007-7-8 21:33:15

Post by lldd
没有用什么防溢出程序，我想你修改一下root密码，然后再新建一个普通用户，用普通用户账号登陆好了

谢谢。。。。这次偶知道厉害咯～～～仔细查看，好多好多地陌生用户哦～～偶机器都成了实验室了，汗

		自动登录	找回密码
密码			注册

偶不是被入侵了吧。。。请帮看看

浏览过的版块