[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Hacked?

Subject: [cobalt-security] Hacked?
From: grahams@xxxxxxxxxx
Date: Thu, 15 Feb 2001 23:56:22 +1300
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

From a Linux newby.
The machine is a Cobalt RAQ3.
It is rented from a hosting company.

The first sign was no email then discovered no DNS.
Does the following give any clues as to whether the machine has been hacked or
whether it has fallen over for some other reason before I pay the hosting
company to
rebuild.

Using RPM -Vv on each package produced no changes in all packages except the
following.

Setup-2.0.2-C2
S.5....T c/etc/motd
..?....T c/etc/security

glibc-2.1.1-6
....|... c/etc/localtime

shadow-utils-980403-12
..?..... c/etc/default/useradd

SysVinit-2.74-11
.M...... /usr/bin/wall

fileutils-4.0-1_C1
S.5....T /usr/bin/dir
S.5....T c /usr/bin/du

Info-3.12f-4
.S.5....T c /etc/info.dir

Data-Dumper-2.101-1

..5....T /usr/lib/perl5/5.00503/i386-linux/auto/Data/Dumper/Dumper.so
SM5....T /usr/lib/perl5/man/man3/Data::Dumper.3

Digest-MD5-2.07-1

S.5...T /usr/lib/perl5/site_perl/5.005./i386-linux/MD5.pm

Thanking you in advance.

Prev by Date: RE: [cobalt-security] Another Raq3 Hack
Next by Date: [cobalt-security] RAQ2 Bind 8.2.3 patch won't install
Previous by thread: Re: [cobalt-security] [RaQ3i] Raq3 PortHack, port 111
Next by thread: [cobalt-security] Hacked?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index