Thread: Munix hacked? Valid files for install of Leopard?
View Single Post
  #3  
Old May 20th, 2008, 05:35 PM
ElDiabloConCaca's Avatar
ElDiabloConCaca ElDiabloConCaca is offline
U.S.D.A. Prime
  
Join Date: Aug 2001
Location: San Antonio, Texas
Posts: 10,377
Thanks: 3
Thanked 124 Times in 113 Posts
ElDiabloConCaca is a jewel in the roughElDiabloConCaca is a jewel in the roughElDiabloConCaca is a jewel in the rough
Just to clear the decks of something:

It is impossible for your system, compromised or not, to write additional data to CD or DVD installation media that you bought at the store -- those discs are not writable at all, and are even physically dissimilar from writable CD-R or DVD-R discs that you would normally purchase to burn stuff on.

Short answer: it's not your installation media that's being compromised.

Can you try installing all the good stuff WITHOUT being connected to the internet? Physically pull the ethernet plug out while you're installing and setting passwords, and do not re-connect it until you're done with setting passwords and locking the system down.

It seems as though you're being quickly compromised... are you setting the same root password each time you reinstall? If so, and you have a static IP address, then it's completely possible that the hacker that obtained your password the first time is simply using it over again to re-compromise your system.

Could there be a machine on your network that is doing this? The speed at which you say you're being compromised leads me to think that perhaps another machine has been compromised on your network, allowing faster "cracks" since there's less delay than going over the internet.
__________________
Power Macintosh G4/500MHz "Yikes!" 10.4.11 Server • 1024MB • 3 x 120GB + 320GB • DVR-111D • 2 x Radeon 7000 PCI • 2 x 17" CRT
MacBook 2.0GHz Core 2 Duo - White 10.5.5 • 2048MB • 80GB • CD-RW/DVD-ROM
iPod Photo 60GB • iPod nano 1GB • AT&T DSL 6Mb/768k
http://www.jeffhoppe.com