[LUAU] Might I Be Hacked?

Tim Newsham newsham at lava.net
Fri Jan 21 14:42:38 PST 2005


> doesn't work (not that I suspected it would). My concern is that I might
> have gotten hacked somehow. I know absolutely zero about how to go about
> seeing if my system has been compromised. I know this is a totally
> newbie question, but would appreciate a couple pointers. Thanks in
> advance!

You might have, or maybe not.  You really need to investigate a
bit further.  Start by taking a look at what the box is doing.
What processes are running?  Are there things running that aren't
normally running?  Which process(es) are using up the most resources?
Are any of these programs ones that were recently updated (does
your updating tool keep a log)?  Take a look at the network
traffic into and out of the box.  Is anything going on that shouldn't
be going on?

Obviously it helps a lot here to know what a healthy system looks
like in order to see what is unusual.  Google might be helpful to
track down things you don't understand.  You can also bounce questions
to the list, or to me.

Start out with the following:
    - ps
    - top
    - tcpdump or ethereal (be careful to filter out your own packets
      if you are connecting to the machine remotely or you will
      generate a loop)

It might be easier to stop a number of your normal services first.
For example, "telinit 3" to get out of X, and then go into /etc/init.d
and stop your "normal" services.  This would help you eliminate them.

> --John Johnson

Tim N.
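
Added example, not part of the original message: a shell sketch of the two checks suggested above, comparing `ps` output against a list of what a healthy system runs and building a tcpdump filter that leaves out your own remote session. The function names, the baseline file and the sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): helpers for the ps and tcpdump checks.

# Build a tcpdump filter expression that excludes your own SSH session.
# $1 is the value of $SSH_CONNECTION: "client_ip client_port server_ip server_port".
# An empty value (local console) prints nothing, meaning "capture everything".
own_session_filter() {
    [ -n "$1" ] || return 0
    set -- $1    # split the four fields into $1..$4
    [ $# -eq 4 ] || { echo "unexpected SSH_CONNECTION value" >&2; return 1; }
    printf 'not (host %s and tcp port %s and host %s and tcp port %s)\n' \
        "$1" "$2" "$3" "$4"
}

# Read `ps -eo pid,user,pcpu,comm` output on stdin and print every process whose
# command name is missing from the baseline file $1 (one known-good name per
# line), busiest first. Names containing spaces are compared on their first word.
unexpected_procs() {
    awk -v base="$1" '
        BEGIN { while ((getline name < base) > 0) known[name] = 1 }
        NR > 1 && !($4 in known) { print $3, $1, $2, $4 }
    ' | LC_ALL=C sort -rn
}

# Constructed sample data, so the example runs offline.
SAMPLE_SSH='203.0.113.5 51544 192.0.2.10 22'
SAMPLE_PS='  PID USER     %CPU COMMAND
    1 root      0.0 init
  412 root      0.1 sshd
 2291 nobody   97.3 unknownd
 2305 john      1.2 bash
 2310 nobody    3.4 tmpjob'

baseline=$(mktemp)
printf '%s\n' init sshd bash > "$baseline"
echo "Processes not in the baseline (%CPU PID USER COMMAND):"
printf '%s\n' "$SAMPLE_PS" | unexpected_procs "$baseline"
echo "Capture command: tcpdump -n '$(own_session_filter "$SAMPLE_SSH")'"
rm -f "$baseline"
```

On a live box, pipe `ps -eo pid,user,pcpu,comm` into `unexpected_procs` with your own baseline file, and pass `"$SSH_CONNECTION"` to `own_session_filter`.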