Was I social engineered? Some punk called me a week or two ago and asked if I would participate in a survey about my internet provider. I was in a playful mood and wanted to see if there was anything I would get out of it, so I said OK. The questions seemed benign enough (who is your ISP, what other broadband services have you considered, my first name), until I was asked for my income – I said I don’t want to offer that information. By the end of the phone call the kid sounded nervous. Embedding the important questions, asking other unimportant but more memorable ones – it was a textbook social engineering format!! I’ve wracked my brain trying to remember if there was something I said that I shouldn’t have, but can’t think of anything…
Well, two days ago my linux box was hacked. I couldn’t boot into Linux, it stopped after initializing ext3 and attempting to free kernel memory. Our IS admin at work took a look at my hard drive and found that the “init” executable looked suspicious – a grep through the file for f**k turned up positive, and the date and size didn’t look right. He replaced it with the standard RH 7.2 version and everything came up again. What ELSE got hacked??! To be continued…