Hi,
in my sid installation the synaptics logon screen asking for root
password started warning about "could not grab keyboard, malicious
agent". Chkrootkit gave a "bindshell on port 1630" warning.
The warning was only generated when the adsl connection is on.
Can this be somebody('s bot) trying over adsl?
I have a hardware router/switch (sweex) with rather primitive firewall.
Not very clear what it does.
Connection is ptpp/vpn with fixed ip#.
Made a new partition, installed new sid with serious password, installed
bastille, planning to mount the existing partition for /home (reusing
existing /home and perhaps some /etc files). Is this safe?
This is my experimental machine, no real harm.
A different sarge machine chrootkits as "4 hidden processes, possible
LKM trojan", I bastilled this machine too. Google seemed to indicate
this may not be serious, it is a P4 with multiple threading (not enabled
I think). Now I feel less secure.
My woody server (66 MHz) and a sarge (355 MHz) laptop have no chkrootkit
warnings (too slow for a hacker?).
Any other packages recommended for battening down the hatches?
mvg Boudewijn
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- arabic unicode in terminals Nori Heikkinen
- Re: arabic unicode in terminals Jan Minar
- Re: being hacked? @(none)
- Re: being hacked? Adam Aube
- Re: being hacked? - hatches/hardening Alvin Oga
- Re: being hacked? - hatches/harden... Monique Y. Herman
- Re: being hacked? - hatches/ha... Jens Simmoleit
- Re: being hacked? - hatche... Alvin Oga
- Re: being hacked? - hatche... Arnt Karlsen
- Re: being hacked? - hatches/ha... Adam Aube
- Re: arabic unicode in terminals Nori Heikkinen
- Re: arabic unicode in terminals Jan Minar
- Re: arabic unicode in terminals Robert Voppmann
