From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HKNa7-0000GE-Ra for garchives@archives.gentoo.org; Thu, 22 Feb 2007 23:42:36 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l1MNfRIv030964; Thu, 22 Feb 2007 23:41:27 GMT Received: from ik-out-1112.google.com (ik-out-1112.google.com [66.249.90.176]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l1MNYl31022877 for ; Thu, 22 Feb 2007 23:34:47 GMT Received: by ik-out-1112.google.com with SMTP id c30so198119ika for ; Thu, 22 Feb 2007 15:34:47 -0800 (PST) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=aubymKFSUM1qPOihNH+q899gwPgRYyEV4ij0HLzBD/GLXEvnLcqrhM/toqsVDAYAkPJcCNP+3U6xBSlUHlbPL3Rvg95CMD4O43tToYY3FMk+ThZay9dI6wNwM1VAjK/Y3zsfjOSARj+tjXjX9IgOoJPIiATnh0CL6zxxbz/++MM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=JydFp87DbjjIhrH0d1VPrb4Mbu2V3+5SxIUwTeewK3w/z/0Y8KsTDVR/i0GBOlKmhsOuNS0oVHvInvXQvm7TlUmpKtJy2PHptAyg3pqmerSloUkkqgBwN3hwYVfKVtqDqdsvKqonGScRinicA0V7faKkbmpHlxwdKLUynyTT9Gk= Received: by 10.114.60.19 with SMTP id i19mr573506waa.1172187285384; Thu, 22 Feb 2007 15:34:45 -0800 (PST) Received: by 10.114.176.16 with HTTP; Thu, 22 Feb 2007 15:34:45 -0800 (PST) Message-ID: <49bf44f10702221534p2fd8fbd7u7a3d7c3f68b51893@mail.gmail.com> Date: Thu, 22 Feb 2007 15:34:45 -0800 From: Grant To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Did I just get hacked??? In-Reply-To: <1171165124.381.9.camel@blackwidow.nbk> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <49bf44f10702101827k199bf270yfb65ed1f4f5195e0@mail.gmail.com> <1171165124.381.9.camel@blackwidow.nbk> X-Archives-Salt: a9280dcb-31a9-4a74-8929-2491ee43d725 X-Archives-Hash: 63044c6f04d1369eb3d0544678856bb8 > > The contents of my /home/grant/vmware folder have suddenly > > disappeared. I haven't noticed anything else strange yet. I did > > configure and start shorewall for the first time yesterday instead of > > using a few iptables commands from the Gentoo Home Router Guide. I'm > > also running PenguinTV (a video RSS aggregator with an ebuild in > > bugs.gentoo.org) and transmission (a bittorrent client in portage) > > So someone breaks into your box and the only thing they can think of to > do is remove your ~/vmware directory? It occurred to me this morning that a hacker could have gained access to my system via the vmware guest OS (XP) and then deleted the contents of vmware/ to cover his tracks. Does that sound like a possibility? - Grant -- gentoo-user@gentoo.org mailing list