Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11
I am still fairly new to Linux and learn something new almost everyday. Please bare with me. Okay I have this computer hacker problem. This guy keeps on getting into ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2008
    Location
    Texas
    Posts
    7

    Ubuntu 8.04 x11vnc


    I am still fairly new to Linux and learn something new almost everyday. Please bare with me.

    Okay I have this computer hacker problem. This guy keeps on getting into my computer and makes certain programs run. Sometimes they run with out me knowing. Other times he installed programs on my computer. Well today I noticed that my computer light was blinking. I knew I wasn't running any programs. So I disconnected myself from the internet and went into my root file >> .bash_history I noticed that the last command entered in there was x11vnc. I didn't enter that in my root terminal. I did a little research and it says it's just another remote desktop application. My question is, since he enabled x11vnc does that give him permission to watch what I am doing on my computer with out me knowing? I already un-installed it because it freaked me out. Will someone please help clarify? Thanks.

  2. #2
    Just Joined!
    Join Date
    Oct 2008
    Location
    Texas
    Posts
    7

    Arrow Cable Modem and IP Address

    I have roadrunner cable internet. I also have a computer hacker problem. My question to anyone that is able to help me is if I were to get a different cable modem will that change my ip address, broadcast address, subnet mask, default route, primary dns, secondary dns, and hardware address ?

    I tried talking to someone in Best Buy and they didn't know. Then the guy from Best Buy transfered me over to Geek Squad and they said they couldn't help me unless I paid them for their help. I also tried talking to my internet provider and they were not sure. They said that I could purchase another modem from them just to see if it would work (I'm not even sure if I should or not).

    IF the ip can be changed with a new modem, will that keep the computer hacker out of my computer?

    I need all the help I can get. Thanks.

  3. #3
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,134
    if I were to get a different cable modem will that change my ip address, broadcast address, subnet mask, default route, primary dns, secondary dns, and hardware address ?
    No. These things are assigned by a server at your Internet
    Service Provider when you connect. Disconnecting the power from
    the modem and restarting may result in a new address,
    depending on your provider's policies.

    What is the nature of your problem? The remedy may be simple.

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Oct 2008
    Location
    Texas
    Posts
    7
    Quote Originally Posted by rcgreen View Post
    No. These things are assigned by a server at your Internet
    Service Provider when you connect. Disconnecting the power from
    the modem and restarting may result in a new address,
    depending on your provider's policies.

    What is the nature of your problem? The remedy may be simple.
    Well this guy I was friends with is a computer hacker and knows Linux really well. He keeps hacking into my computer. He ran x11vnc when I told him that what I was doing shouldn't matter to him. I wrote a post about it in Ubuntu. I want to keep him out of my computer permanently. All he ever does is cause damage to my computer when ever I don't do what he wants me to do. I removed x11vnc because that is the last command that he ran in my root terminal with out me knowing about it. This was today. I am constantly keeping an eye on the root ".bash_history". So I know he entered that command today. Not only that I kinda know when he gets into my computer and starts running programs because my computer light blinks constantly. I don't know how to keep him out. I don't know how he gets in. Someone from my very first post told me to install rkhunter. Which I did and everything turned out fine. I also changed my user and root password. That still won't help. I hope this helps clarify a lot of things. Thanks.

  6. #5
    Just Joined!
    Join Date
    Oct 2008
    Location
    Texas
    Posts
    7

    Arrow Emegency HELP!

    There is a guy that has been hacking into my computer for a while already. Today he typed in these commands into my root terminal:

    x11vnc
    x11vnc
    x11vnc -display :0
    locate .Xauth

    I don't know what he is trying to do but I have a feeling he wants to destroy my computer. I uninstalled x11vnc (I don't full understand what it does) today once I saw the x11vnc command typed in the root terminal. I am not sure if uninstalling was a good idea or not but I did it anyways. I am not sure what to do anymore. I already tried reporting him to the FBI and they won't do anything. Can someone please help me keep him out of my computer? Thanks.

  7. #6
    Linux User dxqcanada's Avatar
    Join Date
    Sep 2006
    Location
    Canada
    Posts
    259
    Well, it appears that he is getting into your computer either through a port that is open (possibly a backdoor).

    First check to see who if anyone is logged in:
    Code:
    # who
    Check for what ports are open:
    Code:
    # netstat -ltup
    Disable services/applications.

    Use chkroot or rkhunter to see if they can detect any backdoors.



    Men occasionally stumble over the truth,
    but most of them pick themselves up
    and hurry off as if nothing had happened.

    Winston Churchill


    ... then the Unix-Gods created "man" ...

  8. #7
    Just Joined!
    Join Date
    Oct 2008
    Location
    Texas
    Posts
    7
    I tried the #who and # netstat -ltup. Nothing happened but I think that maybe because at the time I did it, it was right after I had disconnected my internet and then reconnected it. I talked to someone earlier and they told me to open up synaptic package manager and to remove all vnc and ssh files. I removed all of the vnc but not the ssh files. I know from experiance that if you remove one thing it may ruin the computer in another way. These are the programs that show up under ssh in synaptic package manager:

    dsniff, gnome-keyring, libgnome-keyring0, libgnome-keyring-dev, libndesk-dbus 1.0-cil, libndesk-dbus-glib 1.0-cil, libpam-gnome-keyring, libssl0.9.8, openssh-blacklist, openssh-server

    A few of them I don't quite understand. That is why I am unsure if I uninstall all of these or certain ones? Thanks

    edit: I was also told that I needed to get a router. I was told that it would definitely keep this computer hacker out. If this is true, which router would be best. I have cable roadrunner and it's not wireless. I have also entered: "sudo ufw enable" in my terminal and sudo apt-get remove ssh. I was told that "sudo ufw enable" would turn on my firewall and keep him out for a little bit (if hes a good hacker he'll find a way back in). That is why they suggested I get a router. Is linksys a good router? Thanks again.

  9. #8
    Just Joined! cheapscotchron's Avatar
    Join Date
    Dec 2008
    Location
    swamps of jersey
    Posts
    68
    You should never have your computer connected directly to the modem/intenet. First thing to do is install a router and put your linux box behind it. Most consumer oriented routers like linksys will work fine right out of the box. If it has wireless access, be sure to disable it or make sure you require authentication. Also, change the admin password for the router.

    I would also download rkhunter and run it to see if he may have installed some backdoor rootkit.

    If you can determine (look in /var/log/messages) the login he used to VNC into your server, change the password associated with that login.

    Dont let the guy back into your house.

  10. #9
    Linux User dxqcanada's Avatar
    Join Date
    Sep 2006
    Location
    Canada
    Posts
    259
    Make sure to change the "root" user's password.
    Make sure to change your password.

    Check your user list for odd users.

    If the netstat command did not display anything, then that indicates no listening ports ... which is a good thing for you.



    Men occasionally stumble over the truth,
    but most of them pick themselves up
    and hurry off as if nothing had happened.

    Winston Churchill


    ... then the Unix-Gods created "man" ...

  11. #10
    Linux Engineer GNU-Fan's Avatar
    Join Date
    Mar 2008
    Posts
    935
    Format your hard drive and do a completely fresh install.
    You will not be able to regain control of your system otherwise.
    Debian GNU/Linux -- You know you want it.

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •