> I have a stand-alone machine, with dialup ppp connection (using diald). I > think someone was trying to hack me today, and I'd like advice on how to > find out whether they succeded, and what to do about it. I'd also appreciate > suggestions on the easiest way to prevent, or at least monitor, such > activity in the future. You can get the iplogger package, which will log every tcp connection made to your machine. The lsof package is also useful for finding out if a service is running on a port on your own machine. I believe lsof is kernel version dependent, so you may have to expirement some.... example: [bash]$ lsof -i :22 COMMAND PID USER FD TYPE DEVICE SIZE/OFF INODE NAME sshd 32211 root 6u inet 0x0149ac0c 0t0 TCP *:ssh (LISTEN) Also, if you are paranoid, I would suggest getting the tripwire package. This will monitor your system for changed system files.