Good grief, my personal computer got rooted at 6:17 PM, or “hacked” for those of you who don’t know the technical term. I had pretty much left it open — lots of services running, an exploitable automounter running… I had thought that the chances of a personal machine connected to a dynamic IP getting compromised were fairly small, just because it’s so useless, and especially since I don’t post to newsgroups, don’t chat, and so forth, but it happened. Looks like they got a kit in as well.
Anyway, the idiot got in with a simple buffer overrun to the automount requester, a well-known exploit. Hilarious. Annoying, maybe, as well. Nothing on my machine, though, that they could have stolen — no credit card numbers, no banking information, none of that, and no real way to use me as a relay, at least not for long, and only at 56k (i.e. dialup speeds) for an hour or two. Anyway, used the opportunity to upgrade the OS version, then pulled out the tapes and restored my home directory and account stuff, and the /usr/local stuff, and I’m more or less back in business, a little embarrassed at my laziness, but otherwise okay.
This time, I’ve closed the holes, since I now know that somebody will take the time to hit a personal box in a dynamic pool on a slow modem line.