Box Cracked ( Was: thank's )
bob.smith at kolumbus.fi
bob.smith at kolumbus.fi
Sat Oct 20 17:07:44 UTC 2007
Gene Heskett <gene.heskett at verizon.net> kirjoitti:
> On Saturday 20 October 2007, bob.smith at kolumbus.fi wrote:
> >Manuel Arostegui Ramirez <manuel at todo-linux.com> kirjoitti:
> >> El Sábado, 20 de Octubre de 2007 18:42, bob.smith at kolumbus.fi escribió:
> >> > here ls -laR /tmp
> >>
> >> Seems to me you're ignoring my other suggestions...such as tell us what
> >> the hell make you think you've been visited by a hacker...
> >> Keep hiding us the basic information and the whole history of what
> >> happened to your system and you'll realised how this thread is sent to
> >> /dev/null
> >>
> >> Manuel.
> >> --
> >> Manuel Arostegui Ramirez.
> >>
> >> Electronic Mail is not secure, may not be read every day, and should not
> >> be used for urgent or sensitive issues.
> >>
> >> --
> >> fedora-list mailing list
> >> fedora-list at redhat.com
> >> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> >
> >these are a mentioned in rkhunter:
> >
> >[19:20:07] /usr/bin/groups [ Warning ]
> >[19:20:07] Warning: The command '/usr/bin/groups' has been replaced by a
> > script: /usr/bin/groups: Bourne shell script text executable [[19:20:08]
> > /usr/bin/ldd [ Warning ] [19:20:08]
> > Warning: The command '/usr/bin/ldd' has been replaced by a script:
> > /usr/bin/ldd: Bourne shell script text executable [[19:20:11]
> > /usr/bin/whatis [ Warning ] [19:20:11]
> > Warning: The command '/usr/bin/whatis' has been replaced by a script:
> > /usr/bin/whatis: Bourne shell script text executable [[19:20:12] Warning:
> > The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown:
> > Bourne-Again shell script text executable [19:20:12] /sbin/ifup
> > [ Warning ] [19:20:12] Warning: The command
> > '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell
> > script text executable [19:20:52] Info: Rkhunter option ALLOW_SSH_ROOT_USER
> > set to 'no'.
> >[19:20:52] Checking if SSH root access is allowed [ Warning ]
> >[19:20:52] Warning: The SSH configuration option 'PermitRootLogin' has not
> > been set. The default value may be 'yes', to allow root access.
> >[
> >is this normal on FC6?
> >
> >--
>
> Apparently so, that is what I get here, they are scripts. FC6 too.
>
> --
> Cheers, Gene
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author)
> Lackland's Laws:
> (1) Never be first.
> (2) Never be last.
> (3) Never volunteer for anything
>
thank's, appears normal then,
do you have any information about how a tmp directory shoud look like under "normal" circumstances?
(this box has mysql(not running at the time of ls -laR, tomcat(not running right now), apache(not running right now). One user logged on (inetd off, xinetd off, no sshd, no ftp, in other words the bare minimum to run a box and gui)
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
--
More information about the users
mailing list