Hi,
I have some heavy suspect that my openbsd box was been hacked for the second
time in few weeks. The first time was been some weeks ago, I have got some
suspects and after few checks I have found that someone was been connected to
my vps via ssh on a non-standard port using my ssh key. The connection came
from a tor exit node. There were been 2 connections and up since 5 days. Now I
have some other new suspects because some private email seems knew from others.
Also I have found other open sessions on the web gui of my email provider, but
I am abolutely sure I have done the logout always.
I am using just chrome+unveil and I haven't used any other script or opened pdf
(maybe I have opened 1 or 2 pdf from inside of chrome). I have used epiphany
*only* to open the webmail because chrome crash. My email provider support html
(obviously) but generally photo are not loaded. Ofcourse I have pf enable and
few service.
I also use a vpn and I visit very few web site with chrome.. maybe 20 or 25
website just to read news. Sometimes I search things about openbsd.
Anyone could help me ?
Cord.
