Want to highlight a helpful answer? Upvote!

Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: grilledcheese11
grilledcheese11 Author
User level: Level 1
0 points

log check for potential hack please?

Hello, I'm wondering if somone could please take a look at my terminal logs for a potential hack, I have a suspiscion that someone I know may be accessing my computer remotely to get a hold of my personal information. Also, when I opened the terminal, the last login time showed a date when I hadn't opened the terminal or even logged in to my computer.

If somone could help me out with this it would be much appreciated, thanks.


unknown58b03569efa5:~ jeff$ netstat -n

Active Internet connections

Proto Recv-Q Send-Q Local Address Foreign Address (state)

tcp4 0 0 192.168.1.66.52110 106.187.94.116.80 ESTABLISHED

tcp4 0 0 192.168.1.66.52109 91.233.244.102.80 CLOSE_WAIT

tcp4 0 0 192.168.1.66.51164 17.172.232.146.5223 ESTABLISHED

udp6 0 0 *.54867 *.*

udp4 0 0 *.54867 *.*

udp6 0 0 *.59770 *.*

udp4 0 0 *.59770 *.*

udp6 0 0 *.53760 *.*

udp4 0 0 *.53760 *.*

udp6 0 0 *.59290 *.*

udp4 0 0 *.59290 *.*

udp6 0 0 *.52246 *.*

udp4 0 0 *.52246 *.*

udp6 0 0 *.51559 *.*

udp4 0 0 *.51559 *.*

udp6 0 0 *.60301 *.*

udp4 0 0 *.60301 *.*

udp6 0 0 *.51106 *.*

udp4 0 0 *.51106 *.*

udp6 0 0 *.55806 *.*

udp4 0 0 *.55806 *.*

udp6 0 0 *.59413 *.*

udp4 0 0 *.59413 *.*

udp6 0 0 *.56719 *.*

udp4 0 0 *.56719 *.*

udp6 0 0 *.63271 *.*

udp4 0 0 *.63271 *.*

udp4 0 0 *.* *.*

udp4 0 0 *.* *.*

udp6 0 0 *.5353 *.*

udp4 0 0 *.5353 *.*

udp4 0 0 *.* *.*

udp4 42061 0 *.631 *.*

udp4 0 0 *.* *.*

udp4 0 0 *.* *.*

icm6 0 0 *.* *.*

Active LOCAL (UNIX) domain sockets

Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr

9ca39a0 stream 0 0 0 8cf33b0 0 0 /var/run/mDNSResponder

8cf33b0 stream 0 0 0 9ca39a0 0 0

8892750 stream 0 0 0 8cf25a0 0 0

8cf25a0 stream 0 0 0 8892750 0 0

9ca3760 stream 0 0 0 9ca3ac0 0 0 /var/run/mDNSResponder

9ca3ac0 stream 0 0 0 9ca3760 0 0

9ca3910 stream 0 0 0 9ca3a30 0 0 /var/tmp/launchd/sock

9ca3a30 stream 0 0 0 9ca3910 0 0

8cf2bd0 stream 0 0 0 88927e0 0 0 /var/run/mDNSResponder

88927e0 stream 0 0 0 8cf2bd0 0 0

8cf3b00 stream 0 0 0 8892d80 0 0 /var/run/mDNSResponder

8892d80 stream 0 0 0 8cf3b00 0 0

8cf4010 stream 37 0 0 0 0 0

8cf2240 stream 0 0 0 8cf2a20 0 0 /var/run/mDNSResponder

8cf2a20 stream 0 0 0 8cf2240 0 0

8cf2090 stream 0 0 0 8cf3b90 0 0 /var/run/mDNSResponder

8cf3b90 stream 0 0 0 8cf2090 0 0

8cf2000 stream 0 0 0 8cf2c60 0 0 /var/run/mDNSResponder

8cf2c60 stream 0 0 0 8cf2000 0 0

9ca3eb0 stream 0 0 0 8cf2360 0 0 /var/run/mDNSResponder

8cf2360 stream 0 0 0 9ca3eb0 0 0

8cf2630 stream 37 0 0 0 0 0

8cf21b0 stream 0 0 0 0 0 0

8cf2fc0 stream 37 0 0 0 0 0

8cf3710 stream 0 0 0 8892240 0 0 /var/run/usbmuxd

8892240 stream 0 0 0 8cf3710 0 0

8893290 stream 0 0 0 8cf3cb0 0 0 /var/run/mDNSResponder

8cf3cb0 stream 0 0 0 8893290 0 0

8cf2990 stream 0 0 0 8cf3830 0 0 /var/run/mDNSResponder

8cf3830 stream 0 0 0 8cf2990 0 0

8cf2870 stream 0 0 0 8cf2ab0 0 0 /var/run/mDNSResponder

8cf2ab0 stream 0 0 0 8cf2870 0 0

8cf3050 stream 0 0 0 8cf2900 0 0 /var/run/mDNSResponder

8cf2900 stream 0 0 0 8cf3050 0 0

8cf34d0 stream 0 0 0 0 0 0

8cf3e60 stream 0 0 0 8cf4b50 0 0 /var/run/mDNSResponder

8cf4b50 stream 0 0 0 8cf3e60 0 0

88923f0 stream 0 0 0 8cf4490 0 0

8cf4490 stream 0 0 0 88923f0 0 0

8cf35f0 stream 0 0 0 8cf3290 0 0 /var/run/usbmuxd

8cf3290 stream 0 0 0 8cf35f0 0 0

8893710 stream 0 0 0 8cf4ac0 0 0 /var/run/mDNSResponder

8cf4ac0 stream 0 0 0 8893710 0 0

8892a20 stream 0 0 0 8cf4370 0 0 /var/run/mDNSResponder

8cf4370 stream 0 0 0 8892a20 0 0

8cf3200 stream 0 0 0 8892fc0 0 0 /var/run/mDNSResponder

8892fc0 stream 0 0 0 8cf3200 0 0

88938c0 stream 0 0 0 8893320 0 0 /var/run/usbmuxd

8893320 stream 0 0 0 88938c0 0 0

8893440 stream 0 0 11d27030 0 0 0 /tmp/icssuis501

8cf37a0 stream 0 0 0 8cf4250 0 0 /var/run/mDNSResponder

8cf4250 stream 0 0 0 8cf37a0 0 0

8cf3170 stream 0 0 0 8892e10 0 0 /var/run/mDNSResponder

8892e10 stream 0 0 0 8cf3170 0 0

8cf4880 stream 0 0 0 8cf38c0 0 0

8cf38c0 stream 0 0 0 8cf4880 0 0

8cf3dd0 stream 0 0 0 8cf2d80 0 0

8cf2d80 stream 0 0 0 8cf3dd0 0 0

8cf3a70 stream 0 0 0 8cf4520 0 0

8cf4520 stream 0 0 0 8cf3a70 0 0

8cf4640 stream 0 0 0 8cf39e0 0 0

8cf39e0 stream 0 0 0 8cf4640 0 0

8cf4c70 stream 0 0 11d1b0c4 0 0 0 /tmp/launch-BH8Ulx/org.x:0

8cf30e0 stream 0 0 11d1b1ec 0 0 0 /tmp/launch-8ezztG/Listeners

8cf4eb0 stream 0 0 11d1b314 0 0 0 /tmp/launch-yN3RYH/Render

8cf45b0 stream 0 0 11d1b68c 0 0 0 /tmp/launchd-407.JtoUsv/sock

8894880 stream 0 0 0 88935f0 0 0

88935f0 stream 0 0 0 8894880 0 0

8cf4a30 stream 0 0 0 8892480 0 0 /var/run/mDNSResponder

8892480 stream 0 0 0 8cf4a30 0 0

88926c0 stream 0 0 0 88925a0 0 0

88925a0 stream 0 0 0 88926c0 0 0

8cf4910 stream 0 0 0 8cf4760 0 0

8cf4760 stream 0 0 0 8cf4910 0 0

8892630 stream 0 0 0 8cf49a0 0 0

8cf49a0 stream 0 0 0 8892630 0 0

8cf3f80 stream 0 0 0 8892bd0 0 0 /var/run/mDNSResponder

8892bd0 stream 0 0 0 8cf3f80 0 0

8cf41c0 stream 0 0 0 8cf46d0 0 0 /var/run/mDNSResponder

8cf46d0 stream 0 0 0 8cf41c0 0 0

8cf4400 stream 0 0 0 8893d40 0 0 /var/tmp/launchd/sock

8893d40 stream 0 0 0 8cf4400 0 0

88933b0 stream 0 0 0 8cf4f40 0 0

8cf4f40 stream 0 0 0 88933b0 0 0

8892f30 stream 0 0 9094e10 0 0 0 /var/run/pppconfd

8cf40a0 stream 0 0 0 8892990 0 0

8892990 stream 0 0 0 8cf40a0 0 0

8892090 stream 0 0 0 8892120 0 0

8892120 stream 0 0 0 8892090 0 0

88922d0 stream 0 0 0 8892360 0 0

8892360 stream 0 0 0 88922d0 0 0

8892870 stream 0 0 0 8892900 0 0

8892900 stream 0 0 0 8892870 0 0

8892ab0 stream 0 0 0 8892b40 0 0

8892b40 stream 0 0 0 8892ab0 0 0

8893050 stream 0 0 0 88930e0 0 0

88930e0 stream 0 0 0 8893050 0 0

88934d0 stream 0 0 0 8893560 0 0

8893560 stream 0 0 0 88934d0 0 0

8893a70 stream 0 0 0 8893b00 0 0

8893b00 stream 0 0 0 8893a70 0 0

8893cb0 stream 0 0 0 8893dd0 0 0

8893dd0 stream 0 0 0 8893cb0 0 0

8893e60 stream 0 0 0 8893ef0 0 0

8893ef0 stream 0 0 0 8893e60 0 0

8894010 stream 0 0 0 8893f80 0 0 /var/tmp/launchd/sock

8893f80 stream 0 0 0 8894010 0 0

88940a0 stream 0 0 0 8894130 0 0

8894130 stream 0 0 0 88940a0 0 0

8894250 stream 0 0 0 88941c0 0 0 /var/tmp/launchd/sock

88941c0 stream 0 0 0 8894250 0 0

8894370 stream 0 0 0 88942e0 0 0

88942e0 stream 0 0 0 8894370 0 0

8894490 stream 0 0 0 8894400 0 0

8894400 stream 0 0 0 8894490 0 0

88945b0 stream 0 0 0 8894520 0 0

8894520 stream 0 0 0 88945b0 0 0

88946d0 stream 0 0 0 8894640 0 0

8894640 stream 0 0 0 88946d0 0 0

8894760 stream 0 0 0 88947f0 0 0

88947f0 stream 0 0 0 8894760 0 0

88949a0 stream 0 0 8aa1b90 0 0 0 /var/tmp/launchd/sock

8894a30 stream 0 0 8aa1cb8 0 0 0 /private/var/run/cupsd

8894ac0 stream 0 0 8aa1e74 0 0 0 /var/run/usbmuxd

8894be0 stream 0 0 8aa1f9c 0 0 0 /var/run/asl_input

8894c70 stream 0 0 8aa2030 0 0 0 /var/run/SCHelper

8894d00 stream 0 0 8aa20c4 0 0 0 /var/run/vpncontrol.sock

8894d90 stream 0 0 8aa2158 0 0 0 /private/var/run/printtool

8894e20 stream 0 0 8aa21ec 0 0 0 /var/run/portmap.socket

8894f40 stream 0 0 8aa2280 0 0 0 /var/run/mDNSResponder

8894eb0 stream 0 0 8aa2314 0 0 0 /var/run/com.apple.ActivityMonitor.socket

9ca37f0 dgram 0 0 0 9ca3b50 9ca3b50 0

9ca3b50 dgram 0 0 0 9ca37f0 9ca37f0 0

8cf3c20 dgram 0 0 0 9ca3f40 9ca3f40 0

9ca3f40 dgram 0 0 0 8cf3c20 8cf3c20 0

8cf26c0 dgram 0 0 0 8cf2cf0 8cf2cf0 0

8cf2cf0 dgram 0 0 0 8cf26c0 8cf26c0 0

8cf2750 dgram 0 0 0 8cf27e0 8cf27e0 0

8cf27e0 dgram 0 0 0 8cf2750 8cf2750 0

8cf3950 dgram 0 0 0 9ca3d90 9ca3d90 0

9ca3d90 dgram 0 0 0 8cf3950 8cf3950 0

8892c60 dgram 0 0 0 8893200 8893200 0

8893200 dgram 0 0 0 8892c60 8892c60 0

8893680 dgram 0 0 0 8cf3680 8cf3680 0

8cf3680 dgram 0 0 0 8893680 8893680 0

8892ea0 dgram 0 0 0 8cf3440 8cf3440 0

8cf3440 dgram 0 0 0 8892ea0 8892ea0 0

88937a0 dgram 0 0 0 8cf3320 8cf3320 0

8cf3320 dgram 0 0 0 88937a0 88937a0 0

8cf2e10 dgram 0 0 0 8cf4e20 8cf4e20 0

8cf4e20 dgram 0 0 0 8cf2e10 8cf2e10 0

88939e0 dgram 0 0 0 8cf2ea0 8cf2ea0 0

8cf2ea0 dgram 0 0 0 88939e0 88939e0 0

8cf3ef0 dgram 0 0 0 8cf3d40 8cf3d40 0

8cf3d40 dgram 0 0 0 8cf3ef0 8cf3ef0 0

8892000 dgram 0 0 0 8cf42e0 8cf42e0 0

8cf42e0 dgram 0 0 0 8892000 8892000 0

8cf3560 dgram 0 0 0 8cf2f30 8cf2f30 0

8cf2f30 dgram 0 0 0 8cf3560 8cf3560 0

8cf47f0 dgram 0 0 0 8cf4d90 8cf4d90 0

8cf4d90 dgram 0 0 0 8cf47f0 8cf47f0 0

8893170 dgram 0 0 0 8cf4be0 8cf4be0 0

8cf4be0 dgram 0 0 0 8893170 8893170 0

8893830 dgram 0 0 0 8893950 8893950 0

8893950 dgram 0 0 0 8893830 8893830 0

8892510 dgram 0 0 0 8cf4130 8cf4130 0

8cf4130 dgram 0 0 0 8892510 8892510 0

8893c20 dgram 0 0 0 8893b90 8893b90 0

8893b90 dgram 0 0 0 8893c20 8893c20 0

8894b50 dgram 0 0 8aa1f08 0 0 0 /var/run/syslog

unknown58b03569efa5:~ jeff$ w

18:08 up 6 days, 21:10, 2 users, load averages: 0.19 0.30 0.47

USER TTY FROM LOGIN@ IDLE WHAT

jeff console - Fri10 6days -

jeff s000 - 17:42 - w

unknown58b03569efa5:~ jeff$

MacBook Pro, Mac OS X (10.6.8)

Posted on Feb 21, 2013 4:43 PM

Reply

There are no replies.

log check for potential hack please?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up