Suspected Intrusion hacker

[davidian_24]

Hi,

I am running Ubuntu 10.04. Just thought I would share this and don't know if anyone else has come across this but this morning when I woke up (My laptop was left on all night) I noticed a msg on my screen saying :

"Another user is trying to view your Desktop" A user on the computer
'187-4-117-207.cbace700.e.brasiltelecom.net.br' is trying to remotely view or control your dekstop. Do you want to allow this ?

. It basically is the remote desktop tool that popped up and I have never come across this before.
My concern is how can I trace this back? how was my IP for my particular machine found? I am all the way in Australia and the hostname appears to be from brasil. By default root is disabled on Ubuntu which is good but I don't know if such attack should be concerned about? I have a server in my network running ClearOS too but wasn't running that night.

Regards,
Kalid

[psic]

First, turn off the remote desktop (it's somewhere in the preferences). Next, are you using a router? If so, check to make sure port forwarding is turned off and that you have a firewall.

You can also check the status of the ports on your computer with this handy site (called 'Shields up!').

I wouldn't really bother with trying to track him down (ran a quick trace route and yeah, the IP seems to be from brasiltelecom.net.br) - just make sure you're security is tight (run a good firewall and you should be OK).

[xiaohb]

Don't worry,you just need to turn off the remote desktop,then the hacker can't do anything on your system.you'd better open the firewall,and keep hacker from attacking your system.