newbie linx user highjacked

[dave major]

Hi,
was fed up with uncle bill and his cronies at MS and wanted to give linux a try much to the detriment of my home life as wife and kids couldnt be bothered learning new system but seems as if it slapped me in the face as some low life has hacked me and changed the kernel name. As I am new to linux I don't have a clue what they have access to and where to start with protection, any help would be greatly apprieciatied

[Jonathan183]

Are you sure that is what has happened rather than some other config failure?

Do you have a live CD to boot from while you work out what has happened?

If you have been hacked then a fresh install is the only sure way to fix things ... but you need to ensure you can avoid problems in future.

Look at the security info here before you re-install. During the install make sure you configure the firewall which you get with openSUSE correctly, use good passwords (particularly for root, dont login as root for normal user activities etc.

[oz]

Yep, far more likely to be a configuration error, unless you've been giving others access to your machine.

[dave major]

Thanks Guys,
I Installed Suse11 before i got your reply (jumped the gun as I felt exposed) think i need more experience with linux( but time is a problem, I think this is what MS feeds on) Just for the record my terminal name was changed and the system showed 2 users when only I was using the terminal, was it a config issue?

[techieMoe]

Thanks Guys,
I Installed Suse11 before i got your reply (jumped the gun as I felt exposed) think i need more experience with linux( but time is a problem, I think this is what MS feeds on) Just for the record my terminal name was changed and the system showed 2 users when only I was using the terminal, was it a config issue?

What do you mean by your "terminal name" was changed? By the way, most systems show 2 users (regular and root) when just one login in present.

[daark.child]

Your system may also show two users as being logged in if you are running a GUI and then start a terminal emulator. One user (you) is logged into the GUI and the other (you as well) is logged into a terminal.

[dave major]

Now feeling very stupid as I am so new to linux and did not know 2 users was the norm, does this also exlpain why when I went into terminal the name was changed from david@linux9gtl to bob@linux9gtl

[Jonathan183]

No that does not explain why username change has occured. Did you setup both user names on the system?
Did you review the information in post #2? ...
Setup normal user for day to day stuff and don't use root.
Use good passwords (especially for root), and make sure you setup the firewall correctly.
Use new usernames and passwords, also use a different password for root.
Only use the official repositories to install software from rather than downloading source or rpm files from the net.
Don't allow others physical access to your system, setup the system for local login only if you can, and disable ssh root login.
Don't login as root unless you really need to ...which you don't !
Review the link in post #2 and apply it to your system

That should significantly reduce the chance of someone cracking your system, but if you do suspect you have been cracked - try to work out how ... so you can stop them from doing it in future.

It's much easier to setup a secure Linux box than it is to setup a secure Windows box. You are less likely to be targetted and if the system is compromised it is less likely that major damage will occur because of better default security features.

I don't know if you were hacked ... and this will be difficult if not impossible to establish at this stage because any evidence was destroyed by a fresh install.