I am a bit new to Linux and installed Kubuntu a few days ago. In the process, I enabled Desktop Sharing. I opened the ports on my router to allow connections from the outside. However, I made sure to set a password (and it was a strong one). I set it to allow uninvited connections. I did this so I could access my PC remotely. This was only going to be temporary until I setup a more secure solution.
Anyways, I woke up this morning and noticed the KRDC icon in my system tray was lit up (meaning someone was connected) and my system was running slower than normal. I hovered over the icon and it said there was a connection from an IP I did not know. I did a WHOIS search and discovered it belonged to an ISP in Korea. Obviously this wasn't anyone I knew. I have since disabled remote connections and am typing this from a different computer.
My questions are:
1. Does the KRDC icon light up if someone is TRYING to authenticate, or only when someone has SUCCESSFULLY connected?
2. Seeing as how I had a presumably secure password (over 13 characters long with upper, lower, numbers, and symbols) how would this be circumvented?
3. If someone did indeed succeed in infiltrating my system, what steps should I take next?
Thank you in advance for any help and advice.
Comment