log check for potential hack please?
Hello, I'm wondering if somone could please take a look at my terminal logs for a potential hack, I have a suspiscion that someone I know may be accessing my computer remotely to get a hold of my personal information. Also, when I opened the terminal, the last login time showed a date when I hadn't opened the terminal or even logged in to my computer.
If somone could help me out with this it would be much appreciated, thanks.
unknown58b03569efa5:~ jeff$ netstat -n
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 192.168.1.66.52110 106.187.94.116.80 ESTABLISHED
tcp4 0 0 192.168.1.66.52109 91.233.244.102.80 CLOSE_WAIT
tcp4 0 0 192.168.1.66.51164 17.172.232.146.5223 ESTABLISHED
udp6 0 0 *.54867 *.*
udp4 0 0 *.54867 *.*
udp6 0 0 *.59770 *.*
udp4 0 0 *.59770 *.*
udp6 0 0 *.53760 *.*
udp4 0 0 *.53760 *.*
udp6 0 0 *.59290 *.*
udp4 0 0 *.59290 *.*
udp6 0 0 *.52246 *.*
udp4 0 0 *.52246 *.*
udp6 0 0 *.51559 *.*
udp4 0 0 *.51559 *.*
udp6 0 0 *.60301 *.*
udp4 0 0 *.60301 *.*
udp6 0 0 *.51106 *.*
udp4 0 0 *.51106 *.*
udp6 0 0 *.55806 *.*
udp4 0 0 *.55806 *.*
udp6 0 0 *.59413 *.*
udp4 0 0 *.59413 *.*
udp6 0 0 *.56719 *.*
udp4 0 0 *.56719 *.*
udp6 0 0 *.63271 *.*
udp4 0 0 *.63271 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp6 0 0 *.5353 *.*
udp4 0 0 *.5353 *.*
udp4 0 0 *.* *.*
udp4 42061 0 *.631 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
icm6 0 0 *.* *.*
Active LOCAL (UNIX) domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
9ca39a0 stream 0 0 0 8cf33b0 0 0 /var/run/mDNSResponder
8cf33b0 stream 0 0 0 9ca39a0 0 0
8892750 stream 0 0 0 8cf25a0 0 0
8cf25a0 stream 0 0 0 8892750 0 0
9ca3760 stream 0 0 0 9ca3ac0 0 0 /var/run/mDNSResponder
9ca3ac0 stream 0 0 0 9ca3760 0 0
9ca3910 stream 0 0 0 9ca3a30 0 0 /var/tmp/launchd/sock
9ca3a30 stream 0 0 0 9ca3910 0 0
8cf2bd0 stream 0 0 0 88927e0 0 0 /var/run/mDNSResponder
88927e0 stream 0 0 0 8cf2bd0 0 0
8cf3b00 stream 0 0 0 8892d80 0 0 /var/run/mDNSResponder
8892d80 stream 0 0 0 8cf3b00 0 0
8cf4010 stream 37 0 0 0 0 0
8cf2240 stream 0 0 0 8cf2a20 0 0 /var/run/mDNSResponder
8cf2a20 stream 0 0 0 8cf2240 0 0
8cf2090 stream 0 0 0 8cf3b90 0 0 /var/run/mDNSResponder
8cf3b90 stream 0 0 0 8cf2090 0 0
8cf2000 stream 0 0 0 8cf2c60 0 0 /var/run/mDNSResponder
8cf2c60 stream 0 0 0 8cf2000 0 0
9ca3eb0 stream 0 0 0 8cf2360 0 0 /var/run/mDNSResponder
8cf2360 stream 0 0 0 9ca3eb0 0 0
8cf2630 stream 37 0 0 0 0 0
8cf21b0 stream 0 0 0 0 0 0
8cf2fc0 stream 37 0 0 0 0 0
8cf3710 stream 0 0 0 8892240 0 0 /var/run/usbmuxd
8892240 stream 0 0 0 8cf3710 0 0
8893290 stream 0 0 0 8cf3cb0 0 0 /var/run/mDNSResponder
8cf3cb0 stream 0 0 0 8893290 0 0
8cf2990 stream 0 0 0 8cf3830 0 0 /var/run/mDNSResponder
8cf3830 stream 0 0 0 8cf2990 0 0
8cf2870 stream 0 0 0 8cf2ab0 0 0 /var/run/mDNSResponder
8cf2ab0 stream 0 0 0 8cf2870 0 0
8cf3050 stream 0 0 0 8cf2900 0 0 /var/run/mDNSResponder
8cf2900 stream 0 0 0 8cf3050 0 0
8cf34d0 stream 0 0 0 0 0 0
8cf3e60 stream 0 0 0 8cf4b50 0 0 /var/run/mDNSResponder
8cf4b50 stream 0 0 0 8cf3e60 0 0
88923f0 stream 0 0 0 8cf4490 0 0
8cf4490 stream 0 0 0 88923f0 0 0
8cf35f0 stream 0 0 0 8cf3290 0 0 /var/run/usbmuxd
8cf3290 stream 0 0 0 8cf35f0 0 0
8893710 stream 0 0 0 8cf4ac0 0 0 /var/run/mDNSResponder
8cf4ac0 stream 0 0 0 8893710 0 0
8892a20 stream 0 0 0 8cf4370 0 0 /var/run/mDNSResponder
8cf4370 stream 0 0 0 8892a20 0 0
8cf3200 stream 0 0 0 8892fc0 0 0 /var/run/mDNSResponder
8892fc0 stream 0 0 0 8cf3200 0 0
88938c0 stream 0 0 0 8893320 0 0 /var/run/usbmuxd
8893320 stream 0 0 0 88938c0 0 0
8893440 stream 0 0 11d27030 0 0 0 /tmp/icssuis501
8cf37a0 stream 0 0 0 8cf4250 0 0 /var/run/mDNSResponder
8cf4250 stream 0 0 0 8cf37a0 0 0
8cf3170 stream 0 0 0 8892e10 0 0 /var/run/mDNSResponder
8892e10 stream 0 0 0 8cf3170 0 0
8cf4880 stream 0 0 0 8cf38c0 0 0
8cf38c0 stream 0 0 0 8cf4880 0 0
8cf3dd0 stream 0 0 0 8cf2d80 0 0
8cf2d80 stream 0 0 0 8cf3dd0 0 0
8cf3a70 stream 0 0 0 8cf4520 0 0
8cf4520 stream 0 0 0 8cf3a70 0 0
8cf4640 stream 0 0 0 8cf39e0 0 0
8cf39e0 stream 0 0 0 8cf4640 0 0
8cf4c70 stream 0 0 11d1b0c4 0 0 0 /tmp/launch-BH8Ulx/org.x:0
8cf30e0 stream 0 0 11d1b1ec 0 0 0 /tmp/launch-8ezztG/Listeners
8cf4eb0 stream 0 0 11d1b314 0 0 0 /tmp/launch-yN3RYH/Render
8cf45b0 stream 0 0 11d1b68c 0 0 0 /tmp/launchd-407.JtoUsv/sock
8894880 stream 0 0 0 88935f0 0 0
88935f0 stream 0 0 0 8894880 0 0
8cf4a30 stream 0 0 0 8892480 0 0 /var/run/mDNSResponder
8892480 stream 0 0 0 8cf4a30 0 0
88926c0 stream 0 0 0 88925a0 0 0
88925a0 stream 0 0 0 88926c0 0 0
8cf4910 stream 0 0 0 8cf4760 0 0
8cf4760 stream 0 0 0 8cf4910 0 0
8892630 stream 0 0 0 8cf49a0 0 0
8cf49a0 stream 0 0 0 8892630 0 0
8cf3f80 stream 0 0 0 8892bd0 0 0 /var/run/mDNSResponder
8892bd0 stream 0 0 0 8cf3f80 0 0
8cf41c0 stream 0 0 0 8cf46d0 0 0 /var/run/mDNSResponder
8cf46d0 stream 0 0 0 8cf41c0 0 0
8cf4400 stream 0 0 0 8893d40 0 0 /var/tmp/launchd/sock
8893d40 stream 0 0 0 8cf4400 0 0
88933b0 stream 0 0 0 8cf4f40 0 0
8cf4f40 stream 0 0 0 88933b0 0 0
8892f30 stream 0 0 9094e10 0 0 0 /var/run/pppconfd
8cf40a0 stream 0 0 0 8892990 0 0
8892990 stream 0 0 0 8cf40a0 0 0
8892090 stream 0 0 0 8892120 0 0
8892120 stream 0 0 0 8892090 0 0
88922d0 stream 0 0 0 8892360 0 0
8892360 stream 0 0 0 88922d0 0 0
8892870 stream 0 0 0 8892900 0 0
8892900 stream 0 0 0 8892870 0 0
8892ab0 stream 0 0 0 8892b40 0 0
8892b40 stream 0 0 0 8892ab0 0 0
8893050 stream 0 0 0 88930e0 0 0
88930e0 stream 0 0 0 8893050 0 0
88934d0 stream 0 0 0 8893560 0 0
8893560 stream 0 0 0 88934d0 0 0
8893a70 stream 0 0 0 8893b00 0 0
8893b00 stream 0 0 0 8893a70 0 0
8893cb0 stream 0 0 0 8893dd0 0 0
8893dd0 stream 0 0 0 8893cb0 0 0
8893e60 stream 0 0 0 8893ef0 0 0
8893ef0 stream 0 0 0 8893e60 0 0
8894010 stream 0 0 0 8893f80 0 0 /var/tmp/launchd/sock
8893f80 stream 0 0 0 8894010 0 0
88940a0 stream 0 0 0 8894130 0 0
8894130 stream 0 0 0 88940a0 0 0
8894250 stream 0 0 0 88941c0 0 0 /var/tmp/launchd/sock
88941c0 stream 0 0 0 8894250 0 0
8894370 stream 0 0 0 88942e0 0 0
88942e0 stream 0 0 0 8894370 0 0
8894490 stream 0 0 0 8894400 0 0
8894400 stream 0 0 0 8894490 0 0
88945b0 stream 0 0 0 8894520 0 0
8894520 stream 0 0 0 88945b0 0 0
88946d0 stream 0 0 0 8894640 0 0
8894640 stream 0 0 0 88946d0 0 0
8894760 stream 0 0 0 88947f0 0 0
88947f0 stream 0 0 0 8894760 0 0
88949a0 stream 0 0 8aa1b90 0 0 0 /var/tmp/launchd/sock
8894a30 stream 0 0 8aa1cb8 0 0 0 /private/var/run/cupsd
8894ac0 stream 0 0 8aa1e74 0 0 0 /var/run/usbmuxd
8894be0 stream 0 0 8aa1f9c 0 0 0 /var/run/asl_input
8894c70 stream 0 0 8aa2030 0 0 0 /var/run/SCHelper
8894d00 stream 0 0 8aa20c4 0 0 0 /var/run/vpncontrol.sock
8894d90 stream 0 0 8aa2158 0 0 0 /private/var/run/printtool
8894e20 stream 0 0 8aa21ec 0 0 0 /var/run/portmap.socket
8894f40 stream 0 0 8aa2280 0 0 0 /var/run/mDNSResponder
8894eb0 stream 0 0 8aa2314 0 0 0 /var/run/com.apple.ActivityMonitor.socket
9ca37f0 dgram 0 0 0 9ca3b50 9ca3b50 0
9ca3b50 dgram 0 0 0 9ca37f0 9ca37f0 0
8cf3c20 dgram 0 0 0 9ca3f40 9ca3f40 0
9ca3f40 dgram 0 0 0 8cf3c20 8cf3c20 0
8cf26c0 dgram 0 0 0 8cf2cf0 8cf2cf0 0
8cf2cf0 dgram 0 0 0 8cf26c0 8cf26c0 0
8cf2750 dgram 0 0 0 8cf27e0 8cf27e0 0
8cf27e0 dgram 0 0 0 8cf2750 8cf2750 0
8cf3950 dgram 0 0 0 9ca3d90 9ca3d90 0
9ca3d90 dgram 0 0 0 8cf3950 8cf3950 0
8892c60 dgram 0 0 0 8893200 8893200 0
8893200 dgram 0 0 0 8892c60 8892c60 0
8893680 dgram 0 0 0 8cf3680 8cf3680 0
8cf3680 dgram 0 0 0 8893680 8893680 0
8892ea0 dgram 0 0 0 8cf3440 8cf3440 0
8cf3440 dgram 0 0 0 8892ea0 8892ea0 0
88937a0 dgram 0 0 0 8cf3320 8cf3320 0
8cf3320 dgram 0 0 0 88937a0 88937a0 0
8cf2e10 dgram 0 0 0 8cf4e20 8cf4e20 0
8cf4e20 dgram 0 0 0 8cf2e10 8cf2e10 0
88939e0 dgram 0 0 0 8cf2ea0 8cf2ea0 0
8cf2ea0 dgram 0 0 0 88939e0 88939e0 0
8cf3ef0 dgram 0 0 0 8cf3d40 8cf3d40 0
8cf3d40 dgram 0 0 0 8cf3ef0 8cf3ef0 0
8892000 dgram 0 0 0 8cf42e0 8cf42e0 0
8cf42e0 dgram 0 0 0 8892000 8892000 0
8cf3560 dgram 0 0 0 8cf2f30 8cf2f30 0
8cf2f30 dgram 0 0 0 8cf3560 8cf3560 0
8cf47f0 dgram 0 0 0 8cf4d90 8cf4d90 0
8cf4d90 dgram 0 0 0 8cf47f0 8cf47f0 0
8893170 dgram 0 0 0 8cf4be0 8cf4be0 0
8cf4be0 dgram 0 0 0 8893170 8893170 0
8893830 dgram 0 0 0 8893950 8893950 0
8893950 dgram 0 0 0 8893830 8893830 0
8892510 dgram 0 0 0 8cf4130 8cf4130 0
8cf4130 dgram 0 0 0 8892510 8892510 0
8893c20 dgram 0 0 0 8893b90 8893b90 0
8893b90 dgram 0 0 0 8893c20 8893c20 0
8894b50 dgram 0 0 8aa1f08 0 0 0 /var/run/syslog
unknown58b03569efa5:~ jeff$ w
18:08 up 6 days, 21:10, 2 users, load averages: 0.19 0.30 0.47
USER TTY FROM LOGIN@ IDLE WHAT
jeff console - Fri10 6days -
jeff s000 - 17:42 - w
unknown58b03569efa5:~ jeff$
MacBook Pro, Mac OS X (10.6.8)