I'm running the stock firewall on F10 and when I run the sectool the firewall always fails, It says.
Error, Firewall, No firewall rules in IPv4 INPUT chain and policy is set to ACCEPT.
There is always one active connection, even when I'm not accessing the net, no IM, NO browser, NO twitter etc. What is really strange, when I type anything network history shows an increase in data packets flowing out.
My brother is the linux geek, but he is in iraq.
Lorenzo
On Fri, 20 Mar 2009 14:51:22 -0700 lorenzo linux@nethere.com wrote:
I'm running the stock firewall on F10 and when I run the sectool the firewall always fails, It says.
Error, Firewall, No firewall rules in IPv4 INPUT chain and policy is set to ACCEPT.
There is always one active connection, even when I'm not accessing the net, no IM, NO browser, NO twitter etc. What is really strange, when I type anything network history shows an increase in data packets flowing out.
My brother is the linux geek, but he is in iraq
The first thing you want is a tool called "chkrootkit", which is basically a scanner for known trojans and attack tools used against Linux boxes.
tcpdump might also give you some idea what is going out and where
Thanks for the reply.
I installed the rootkit, this was the only thing that really displayed anything. I'm not sure what it means? Everything else was nothing, nothing deleted etc.
Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp ! ! RUID PID TTY CMD ! root 2570 tty1 /usr/bin/Xorg :0 -nr -verbose -auth /var/run/gdm/auth-for-gdm-E11BQz/database -nolisten tcp vt1 chkutmp: nothing deleted
Lorenzo
On Fri, 2009-03-20 at 22:02 +0000, Alan Cox wrote:
On Fri, 20 Mar 2009 14:51:22 -0700 lorenzo linux@nethere.com wrote:
I'm running the stock firewall on F10 and when I run the sectool the firewall always fails, It says.
Error, Firewall, No firewall rules in IPv4 INPUT chain and policy is set to ACCEPT.
There is always one active connection, even when I'm not accessing the net, no IM, NO browser, NO twitter etc. What is really strange, when I type anything network history shows an increase in data packets flowing out.
My brother is the linux geek, but he is in iraq
The first thing you want is a tool called "chkrootkit", which is basically a scanner for known trojans and attack tools used against Linux boxes.
tcpdump might also give you some idea what is going out and where
-
Alan Cox -
lorenzo