At this point, I'd say yes, especially since "operator" has no password
and isn't supposed to be logged into.
On Sun, 4 Mar 2001, Ben Ocean wrote:
> Here's another one, this one not to *tty1* but rather *pts/1*. Have I been
> hacked?
> BenO
>
> >Date: Sun, 4 Mar 2001 14:46:13 -0800
> >From: bin <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: portmap attempt on thor from 211.57.229.2 (211.57.229.2)
> >
> > [211.57.229.2]
> > Login: operator Name: operator
> > Directory: /root Shell: /bin/sh
> > On since Mon Mar 5 13:13 (KST) on pts/1 from 21dial234.xnet.ro
> > 19 seconds idle
> > On since Mon Mar 5 13:23 (KST) on pts/2 from 21dial234.xnet.ro
> > 12 minutes 19 seconds idle
> > Last login Mon Mar 5 13:23 (KST) on 2 from 21dial234.xnet.ro
> > No mail.
> > No Plan.
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
