I really need help!!!
A buddy of mine knows a couple of hackers who have done sh*t to his system
without informing him. They acquired all of his information from his laptop
and his WebTV. He was paranoid about what they might do to his information
(c cards, social, etc). I told him enough to scare him into talking to those
hackers. They confessed, and they told him what they did, and what they are
capable of. But, what scared me the most is what he said they did to me
without me knowing. They told him about what I do with Linux based on my
command prompt history. My buddy wasn't messing with my head, because
before they told him that, he didn't know what a command prompt was. This
guy accessed my system through my ppp connection with Inficad, even through
the random IP addresses that they send.
The point to all of this is: I want to find out how to stop this from
happening. I have a few ideas of my own, and I have lots of questions.
Besides setting up a firewall, what other security measures should I consider
implementing?
What will it take to keep this guy out of my system? What is he capable of
doing besides knowing my command history in my term windows? Would it be
effective if I set up a user for myself (I am always root) to keep him out?
I am not on a LAN, just ppp to Inficad, and I don't know if being root is
dangerous or not.
If it helps...
I use Slackware 7.1 (I modified it to incorporate kernel 2.4.1), and I use
dial-up internet pppd with kppp - and the ISP assigns random IP addresses.
I don't have a firewall set up yet, and I am working on getting that up (I am
reading the howto now).
Thanks!!!
--
Rick Rosinski
http://rickrosinski.com
rick@rickrosinski.com