Help: I think I've been hacked! what can I do??
Hendrik Hasenbein
hhasenbe at techfak.uni-bielefeld.de
Tue Jun 15 02:15:12 PDT 2004
Mark Jayson Alvarez wrote:
> Hi,
> Last night before this morning, I was browsing fine
> with kde's konqueror. I don't remember doing anything
> about my system rather than dialing through ppp. This
> morning, when I ppp to dial into internet... my
> external modem established a successful
> connection(because I can see the LED's are lightened
> up the way I usually see it).
>
> But when I launch the konqueror and typed something
> in the address bar and hit enter, it says <Unknown
> Host>
>
> Next, I tried browsing through Links in my shell
> but it still says Unknown Host. I even rebooted my
> machine and tried dialing again.. but still says
> <unknown host> whichever browser I use.
>
> I've tried to ping 127.0.0.1 and it replied. I've
> tried to ping http://www.google.com but it says there
> was an error.
Does the error looks like that:
ping: cannot resolve www.google.de: Unknown host
> I've type ifconfig in the shell and it returned
> something like 198.0.2...---->198.3.4...(just an
> example) at the bottom which indicates that I have a
> successful connection with my isp and they have
> provided me with a public ip address.
>
>
> I'm sending this email to you from Windows and I'm
> pretty sure that my external modem is working fine.
>
>
> Question:
> Do you have any idea what could have happened with my
> pc? I honestly think that I've been hacked and I am
> being denied of service. Now, I only have one thing in
> my mind... to back up my files and reformat my freebsd
> partition.
It could be a DNS issue. Can you try to ping 69.57.142.26,
66.35.250.150, 216.239.37.99, 216.239.57.99 or 216.239.39.99?
If you get a reply, try to enter them into your browser.
If that works, try to get the DNS server address under windows and enter
it in /etc/resolv.conf
> If you know something better than formatting my pc,
> please tell me where should I begin...
>
> One last thing...
> Other than those of recovered vi sessions, I can
> read some unusual mails about system occurances etc..
> when I logged in as a root(but I dont know what they
> really mean)
> Looking forward to your kindness,
> -jay :=(
Hendrik
More information about the freebsd-questions
mailing list