Slashdot Mirror


Symptoms of Mac OS X Hack?

goatbar asks: "Many of you have probably dealt with computer intrusion before, but this is the first time for me with Mac OS X. I've got a machine where the passwords have been altered. If this were Linux, I would drop in Knoppix, figure out which way I got hacked, backup the system, reinstall, secure it and be back up in a couple hours. However, with OSX what can I do? Does anyone have strategies for regaining access to the machine and doing a post-mortem? I'm going to bring up the system drive on a laptop, but then what? I can back it up, but other than the system logs, where to look beyond the usual '.BitchX' and '...' directories. How do I easily tell what other annoying little things have been installed?"

1 of 135 comments (clear)

  1. Re:When did it happen? by thefroatgt · · Score: 5, Insightful

    Wouldn't you be able to change timestamps and stuff like that if you hacked a system? I know nothing of how OS X's filesystem works, but seems like that would be nigh impossible to stop.