From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from beaver.sibername.com ([64.15.155.210])
	by speech.braille.uwo.ca with esmtp (Exim 3.36 #1 (Debian))
	id 1Idffr-0000sa-00
	for <speakup@braille.uwo.ca>; Fri, 05 Oct 2007 01:24:31 -0400
Received: from [24.226.67.55] (port=58069 helo=proficio)
	by beaver.sibername.com with smtp (Exim 4.68)
	(envelope-from <doug@proficio.ca>) id 1IdffL-0002pR-5c
	for speakup@braille.uwo.ca; Fri, 05 Oct 2007 01:23:59 -0400
Message-ID: <00f201c80710$41fa1a00$ab00a8c0@proficio>
From: "Doug Sutherland" <doug@proficio.ca>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
References: <4705B94E.9060902@clearwire.net>
Subject: Re: Printer/scanner suggestions.
Date: Fri, 5 Oct 2007 01:26:18 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1807
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1896
X-AntiAbuse: This header was added to track abuse,
	please include it with any abuse report
X-AntiAbuse: Primary Hostname - beaver.sibername.com
X-AntiAbuse: Original Domain - braille.uwo.ca
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - proficio.ca
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-BeenThere: speakup@braille.uwo.ca
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: "Speakup is a screen review system for Linux."
	<speakup@braille.uwo.ca>
List-Id: "Speakup is a screen review system for Linux."
	<speakup.braille.uwo.ca>
List-Unsubscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=unsubscribe>
List-Archive: <http://speech.braille.uwo.ca/pipermail/speakup>
List-Post: <mailto:speakup@braille.uwo.ca>
List-Help: <mailto:speakup-request@braille.uwo.ca?subject=help>
List-Subscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2007 05:24:32 -0000

Michael,

Try 
chattr -i 
on those files inaccessible by root.

It should not be possible for files to be inaccessible by root.
It is possible that you now have a rootkit installed.
A hacker might for example replace your ls command
and your chmod command, or any other basic utilities
to make things appear as they are not.

Don't leave ports open!
Don't run services that you don't need.
Create some detterents so they go somewhere else instead.

  -- Doug


> Unfortunately, it seems I've already been hacked.  Looks like I'll have
> to do a full, scratch Slackware reinstall.  Found some hidden files in
> my home directory that aren't even root accessible.