On Fri, 29 Apr 2005 17:27:58 -0400 "M.Rudra" dr.rudra@gmail.com wrote
On 4/27/05, Thomas Cameron thomas.cameron@camerontech.com wrote:
something.) Also check in /tmp and /var. And any luck with the .bash_history? (For both the users and for root....)
Especially /var/tmp - that's a common place for rootkits to live.
a doubt here ,
i checked /tmp and found
srwxrwxrwx 1 wnn wnn 0 Apr 27 22:30 jd_sockV4 why does this file (socket) have different owner and user, while all others have either root or userabc.
wnn is your input method's user. (That's the software that allows you to type in non-Latin script with more characters than fit on the keyboard.)
[...]
-- Joel Rees rees@ddcom.co.jp digitcom, inc. 株式会社デジコム Kobe, Japan +81-78-672-8800 ** http://www.ddcom.co.jp **