my leopard box recently got hacked, and i'm trying to decipher what was done, and how dire my situation is.
i thought it was a trojan that maybe my gf had downloaded, but from what i can tell there have been no downloaded files, and she says she didn't download or install (or authenticate) anything.
below is a link to my file serve where i have the bash history as well as the original files (which can also be downloaded from the curl in the bash history)
so what were they trying to do?
Http://file.meyersproduction.com/botdarwin
system specs:
2.8 dual quad mac pro
web sharing
remote access (ssh)
remote management (vpn)
print sharing
firewall off
ports were not routed to my system from the internet (local ip's had changed and hadn't been corrected to reach my box from the internets)
i also have a dyndns set up that forwards to my ip.
much thanks
i thought it was a trojan that maybe my gf had downloaded, but from what i can tell there have been no downloaded files, and she says she didn't download or install (or authenticate) anything.
below is a link to my file serve where i have the bash history as well as the original files (which can also be downloaded from the curl in the bash history)
so what were they trying to do?
Http://file.meyersproduction.com/botdarwin
system specs:
2.8 dual quad mac pro
web sharing
remote access (ssh)
remote management (vpn)
print sharing
firewall off
ports were not routed to my system from the internet (local ip's had changed and hadn't been corrected to reach my box from the internets)
i also have a dyndns set up that forwards to my ip.
much thanks