Setup snort or verbose logging to find out whats wrong On April 3, 2019 8:56:39 PM GMT+02:00, Cord <openbs...@protonmail.com> wrote: >Hi, >I have some heavy suspect that my openbsd box was been hacked for the >second time in few weeks. The first time was been some weeks ago, I >have got some suspects and after few checks I have found that someone >was been connected to my vps via ssh on a non-standard port using my >ssh key. The connection came from a tor exit node. There were been 2 >connections and up since 5 days. Now I have some other new suspects >because some private email seems knew from others. Also I have found >other open sessions on the web gui of my email provider, but I am >abolutely sure I have done the logout always. >I am using just chrome+unveil and I haven't used any other script or >opened pdf (maybe I have opened 1 or 2 pdf from inside of chrome). I >have used epiphany *only* to open the webmail because chrome crash. My >email provider support html (obviously) but generally photo are not >loaded. Ofcourse I have pf enable and few service. >I also use a vpn and I visit very few web site with chrome.. maybe 20 >or 25 website just to read news. Sometimes I search things about >openbsd. >Anyone could help me ? >Cord.
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
