Hacked using remote VNC/change of ownership rights

Discussion in 'Mac OS X Server, Xserve, and Networking' started by adust1980, Aug 16, 2008.

  1. adust1980 macrumors newbie

    Aug 16, 2008
    I hope I'm using the correct forum...if not I apologize.
    I've been noticing strange activity through console recently and am now positive someone has been accessing my computer via a tunnel or vnc. I can't say I know much regarding either of these but I have saved the logs themselves. Recently I performed a clean install but I am getting the same type of ownership/wireless issues from a remote computer using vista. Ive monitored the remote install and observation via console and network utility.
    Upon clean install it appears to me...although these could be seperate issues...there is a partition on my HD that I can not delete or modify. Therefore this remote user has ownership rights and any future install is vulnerable to the same attack. Could someone point me in the right direction? Or tell me what information is useful or worth taking a look at? So far Ive been trying to log as much as possible just in case.
    Thank you so much.
  2. Cromulent macrumors 603


    Oct 2, 2006
    The Land of Hope and Glory
    Can you provide any examples of what you are seeing in your logs? Replace your IP address with Xs if you want. Basically all you need to do is turn your firewall on in the Security System Preferences pane (select essential services only, and if you want even more security turn stealth mode on as well) and disable screen sharing in the Sharing System Preferences pane.

Share This Page