
Compromised linux box


Comments

  • Registered Users, Registered Users 2 Posts: 1,931 ✭✭✭PrzemoF


    hooplah wrote: »
    I'm using xbian at the moment for sickbeard, torrents and xbmc. I was thinking about opening it up so that I could add to it from outside the house / use it as a vpn.

    What would you advise for allowing external access securely?

    Check fail2ban.


  • Registered Users, Registered Users 2 Posts: 13,138 ✭✭✭✭bnt


    Is it not possible to boot into a "recovery" mode (CLI only), and nuke that test account and /home/test?

    Another way could be to drop to single user mode first, so that only root processes are running: log in as root, use the "init 1" command at a console shell (not under a GUI). Delete the account and directory, then "reboot".
    (It has been a long time since I tried this, so I can't vouch for how it will work in your case!)

    You are the type of what the age is searching for, and what it is afraid it has found. I am so glad that you have never done anything, never carved a statue, or painted a picture, or produced anything outside of yourself! Life has been your art. You have set yourself to music. Your days are your sonnets.

    ―Oscar Wilde predicting Social Media, in The Picture of Dorian Gray



  • Registered Users, Registered Users 2 Posts: 1,931 ✭✭✭PrzemoF


    bnt wrote: »
    Is it not possible to boot into a "recovery" mode (CLI only), and nuke that test account and /home/test?

    Another way could be to drop to single user mode first, so that only root processes are running: log in as root, use the "init 1" command at a console shell (not under a GUI). Delete the account and directory, then "reboot".
    (It has been a long time since I tried this, so I can't vouch for how it will work in your case!)

    Thanks, but the problem had been solved on the spot. I just copied the content of .x for further investigation and used (pseudocode):
    kill (pidof httpd) & remove /home/test/.x
    
    so before httpd was respawned the directory was gone.
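
Added example, not part of the thread: a triage helper that lists processes by where their executable lives instead of by name, so a process calling itself httpd but started from a user's hidden directory stands out. It assumes the rogue binary ran from under /home/test (the thread implies this but does not say so); the function name `procs_under` is hypothetical.

```shell
#!/bin/sh
# procs_under DIR [PROC_ROOT]
# Print "PID<TAB>NAME<TAB>EXE" for each process whose executable path is under DIR.
# PROC_ROOT defaults to /proc; the second argument exists so the function can be
# exercised against a constructed directory tree. Run as root on a live system,
# otherwise other users' /proc/PID/exe links cannot be read and are skipped.
procs_under() {
    dir=${1%/}
    proc_root=${2:-/proc}
    for p in "$proc_root"/[0-9]*; do
        [ -L "$p/exe" ] || continue
        # readlink without -f returns the link text as the kernel reports it,
        # including the " (deleted)" suffix when the binary has been unlinked.
        exe=$(readlink "$p/exe" 2>/dev/null) || continue
        comm=$(cat "$p/comm" 2>/dev/null) || comm='?'
        case "$exe" in
            "$dir"/*) printf '%s\t%s\t%s\n' "${p##*/}" "$comm" "$exe" ;;
        esac
    done
}

# Stand-alone use: sh procs_under.sh /home/test
if [ $# -gt 0 ]; then
    procs_under "$@"
fi
```

A binary that keeps running after its directory has been removed still shows up here, with the ` (deleted)` suffix on its path.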

