[svlug] Intrusion detected: What's the best response

Jesse Monroy jesse650 at gmail.com
Mon Jun 9 02:40:05 PDT 2014


Ok. Likely hacked to XP, then reverse firewall out.
Get new router, tplink or dlink. Install Ubuntu on that laptop. Reset
software on linux box when you get time.

It's 2am on Pacific coast. Likely you will get more response in 8 hours (11am)
or 16 hrs.

Don't forget current SSL bug.
http://jssnippets.wordpress.com/2014/06/06/another-sll-bug/

or old bug
http://jssnippets.wordpress.com/2014/05/14/heartbleed-bug-status-what-who/

Good Luck
Jesse
 On Jun 9, 2014 2:13 AM, "Sanatan Rai" <sanatan at gmail.com> wrote:

> On 9 June 2014 09:53, Jesse Monroy <jesse650 at gmail.com> wrote:
> > I'd expect more questions. New? No.
>
>     It was new in 2011, when I bought it. Not any more...
>
> > Consider building your own router, or buy something at least 2 years old and
> > had been patched.
>
>    The firmware's been patched whenever there's been an update. It's
> on the latest firmware.
>
>    Unfortunately, building my own isn't an option...have a (non
> sysadmin) day-job, family etc.
>
>    As I said, the main point of worry is that (seemingly) there was
> someone logged in even though it's set up to reject incoming
> connexions. That would seem to rule out the same make/model as it
> points to some fundamental flaw in how this's been implemented.
>
> --Sanatan
>
> --
> Sanatan Rai
> 3, Admirals Court,
> 30, Horselydown Lane,
> London, SE1 2LJ.
> +44-20-7403-2479.
>