this is a good one... although i dont really dont know what responses you'd get from the mailing list, but i think the warning bells might have already started to ring.
1. try "who" on the console.. (that should give you the exact number of users logged in and MOST IMPORTANTLY their "ip addresses"). so if they are who you suspect they might be, then you know their address too. thats the start for "knowing" whether the warning bells are ringing. 2. next if possible put up the username list up here on the mailing list (considering that you (like me!) wouldnt really know whether a login id is installed by a defualt RH9 system or by an intruder). try attaching the file (/etc/passwd -> dont worry it doesnt have passwords in it!!! ;-) ) 3. remove any users you feel shouldnt be there. 4. remove any servers you believe are not really required. most common ones are sendmail, telnet, ssh, vncserver, etc... try doing a "ps -ax" and see whether you see any of these. they are NOT a problem, but i'd suggest you have them running only if you really need them. all the best! ;) affly robins On Tue, 2003-09-02 at 11:27, Rajesh K. Jha wrote: > I am using Red Hat 9 and connect to the internet through the cable. I see in the > GTKrelm ( the programme which shows you the detail of processes , net connection > etc) that there are 3, sometimes 4, occasionally 2 also, users connected to my > computer. My computer is at home and it is not networked except that it is connected > through the LAN to get the internet connection. In my computer, I have created 2 > users. What could be the reason? Who could be the users? Can somebody be logging in > to my computer without my knowledge? To the best of my knowledge, I have not set up > any servers etc unless something comes by default while setting up RH9. > Rajesh K. Jha _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
