When I tried to verify my /bin/login db I get the following.
$ rpm -V util-linux-2.9w-24
S.5T c /etc/pam.d/login
..?. /usr/bin/chfn
..?. /usr/bin/chsh
..?. /usr/bin/newgrp
Is this what I am supposed to get? What does S.5T c mean?
TIA
Steve
Uptime: 6:37am up 15 days
Mine is the same
On 21-Mar-2000 Scott Skrogstad wrote:
> I looked at /bin/login and it has a date of sept 9, 1999. What should I
> look for in the logs?
>
> Scott Skrogstad
> Computer Integration Inc,
> [EMAIL PROTECTED]
> 800-522-3475 Phone
>
> On Tue, 21 Mar 2000, Frederic Herman wrote:
>
>
Make sure you get the new installation patched ASAP. In particular, the
latest favorite exploit makes use of a hole in the bind packages. Visit
the Redhat errata regularly to find the securitiy holes before the
crackers do. I know from experience. I got the patch religion when one
of my server
OK my primary name server look like it got hacked. Wonderful I am
building another machine to install RH on it and get stuff moved over.
Damn don't these hackers have anything better to do!!
Scott Skrogstad
Computer Integration Inc,
[EMAIL PROTECTED]
800-522-3475 Phone
On Tue, 21 Mar 2000,
try to verify the files. First type:
rpm -qf /bin/login
That will give you the package to verify against. Then type:
rpm -V the-package-name
The reason I suggested checking this routine is that it's the first
thing the cracker goes after.
As for the /var/log files, see if there's anything str
21, 2000 9:57 AM
To: [EMAIL PROTECTED]
Subject: Re: server slowdown
I looked at /bin/login and it has a date of sept 9, 1999. What should I
look for in the logs?
Scott Skrogstad
Computer Integration Inc,
[EMAIL PROTECTED]
800-522-3475 Phone
On Tue, 21 Mar 2000, Frederic Herman wrote:
>
I looked at /bin/login and it has a date of sept 9, 1999. What should I
look for in the logs?
Scott Skrogstad
Computer Integration Inc,
[EMAIL PROTECTED]
800-522-3475 Phone
On Tue, 21 Mar 2000, Frederic Herman wrote:
> One possibility. Your server was cracked. I'd look there first. Look
> a
How do I check to see if I am getting DOS attack. I have run TOP and
everything looks good.
Scott Skrogstad
Computer Integration Inc,
[EMAIL PROTECTED]
800-522-3475 Phone
On Tue, 21 Mar 2000, Bernhard Rosenkraenzer wrote:
> On Tue, 21 Mar 2000, Scott Skrogstad wrote:
>
> > Today I tried to te
On Tue, 21 Mar 2000, Scott Skrogstad wrote:
> Today I tried to telnet to one of my servers that is normaly very fast.
> And it took forever to get a login prompt. What could be the problem?
A lot of things are possible... including:
- reverse DNS lookup for your client's IP not working
- someon
One possibility. Your server was cracked. I'd look there first. Look
at your log files, see if files like /bin/login have been changed. If
you can rule this out, next thing to check is DNS.
Fred
Scott Skrogstad wrote:
>
> Today I tried to telnet to one of my servers that is normaly very fa
Today I tried to telnet to one of my servers that is normaly very fast.
And it took forever to get a login prompt. What could be the problem?
Scott Skrogstad
Computer Integration Inc,
[EMAIL PROTECTED]
800-522-3475 Phone
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subj
11 matches
Mail list logo
