Did you determine how he got in?
> -----Original Message-----
> From: Howie Dines [mailto:howie (at mark) howie.co.uk]
> Sent: Friday, September 22, 2006 1:15 AM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:07182] psybnc (IRC Bouncer)
>
> Some delightful chum from ru had decided to hack into one of my BQ servers
> and install psybnc
>
> It was placed in a dir /home/.users/112/admin/nuonce/ /psybnc/
> the gap is seen as 3xspaces
>
> I've now killed the pid and deleted the lower level nuonce dir using "rm -
> fR
> nuonce"
>
> All seems to be clear now, however if I issue the command "locate psybnc"
> it
> still finds a whole list of files in the mystery dir.
>
> Are they really there or is the locate command just finding a cached
> listing
> or something?
>
>
> Also if I do a "last command" I get a truncated domain name of the guy
> Is there any way to call up /list his full domain name ?
>
> admin pts/1 broadband2-201.m Thu Sep 21 09:06 - 09:38 (00:31)
>
> Best Regards,
> Howie.