On my dual-boot laptop, running under Sabayon Linux, my normal user
password suddenly stopped working. I logged in as root, which was
fine, and thinking it was perhaps just some glitch, went to the "Users
and Groups" list to reset the password. There, I found a curious
entry, a user account called "nx" immediately following my normal user
account in numeric sequence, that I hadn't created myself, dating very
nearly (if not exactly) to the date I installed Sabayon, about 2
months ago. Poking around in nx's home directory, defined as
'/usr/local/home/nx', I found it to contain a single piece of
software, whose "release notes.txt" directed me to a website called
nomachine.com, which appears to be a professional virtual machine
package! I delete the username and the associated directories, and 30
minutes later, user "nx" was back, plus a half-dozen OTHER user accounts.
I have no idea how this is even possible, but the evidence was
unmistakable. I concluded that my machine had been rootkitted
somehow, physically disconnected the machine from the internet, backed
up my personal data (mercifully it fit on one CD), rebooted from a
LiveCD and wiped the whole Linux partition.
Folks, I strongly suggest you check YOUR userlists also! And don't
imagine just because you use Linux that your machine can't be
zombified! In fact, I recall reading somewhere that bot-herders
*love* hacked Linux boxes so much, they sell for premium prices on the
bot-net black market.
Since Fedora 8 had just been released, I installed that in place of
Sabayon, but Fedora *still* doesn't support my Broadcom wifi out of
the box and I *hate* having to reinstall ndiswrapper every time the
Fedora kernel is updated! I'd like to go back to Sabayon, but I'm not
sure if I can trust it.
Also, Fedora 8's installation process seems to have neglected to
notice that it's sharing the machine with XP! It didn't destroy the
NTFS partition, or even touch it, I can "mount -t ntfs" and
examine/copy/modify the files, but I've lost the GRUB entry to boot
into Windows!
I don't know how to manually re-enter the lines, beyond remembering
that it invoked "chainloader +1". Help?
To unsubscribe from this list, please email [EMAIL PROTECTED] & you will be
removed.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/LINUX_Newbies/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/LINUX_Newbies/join
(Yahoo! ID required)
<*> To change settings via email:
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
