RayS23 Posted October 18, 2018 Share Posted October 18, 2018 Hi, one of my WinVMs on Unraid got hacked via to easy VNC security password. (my fault) It is within possibility that the intruder could have discovered my Unraid root password and accessed over terminal to the server. By checking the Go file, no additional line was added or manipulated. It is my understanding that every additional software has to be listed here or will not be started during the boot process, is this correct? Otherwise spoken, if the Go file is not manipulated, is it save to assume that no malicious process will run on the server? How can i check? Is there a list of standard processes that are booted so i can cross check? Thanks for your help. Quote Link to comment
limetech Posted November 13, 2018 Share Posted November 13, 2018 Any packages found on flash in directory called 'extra' will be installed. Any plugins found in 'config/plugins/*' will be installed. The 'config/smb-extra.conf' file can be used to add extra Samba (SMB shares). 1 1 Quote Link to comment
jonp Posted November 13, 2018 Share Posted November 13, 2018 Also curious, did you expose the VNC connection directly to the Internet via port forwarding or something? Just curious how someone got in from the outside. Quote Link to comment
RayS23 Posted December 11, 2018 Author Share Posted December 11, 2018 Correct. Did assume that password protection will "protect" me...it did not. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.