Am 05.07.2014 18:46, schrieb Lew Wolfgang:
Hi Daniel, ...
I hate to even think it, but your computer "might" have been compromised. I had experience with this last month when I had an openSuSE 12.1 server rooted from China via Korea. I don't know what they were doing, but it had the net effect of launching a DOS against Google over port 53 (domain).
Take a look around at running processes using "top" and look for anything unusual, especially process names beginning with a ".". Also look in /etc/init.d for new/unusual entries. You might also find binaries in /boot that are used to restart the malware after booting. You might also see and edit of root's "history". I saw references to IptabLes and IptabLex. There's lots on Google about this, but no clear indication of the vulnerability. Here's one link:
http://lowendtalk.com/discussion/28795/vps-got-hacked-with-iptables-iptablex
... I'll have a look at the details tomorrow and, quite sure, come up with more questions... Daniel -- Daniel Bauer photographer Basel Barcelona professional photography: http://www.daniel-bauer.com google+: https://plus.google.com/109534388657020287386 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org