[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Chkrootkit Report Warning

Subject: [cobalt-security] Chkrootkit Report Warning
From: enrique <enriquevega@xxxxxxx>
Date: Mon, 10 Sep 2001 12:15:38 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I have a concern with the report I received this morning fromchkrootkit. It is a warning about shell history files dealing with "//."I don't understand why I would have a double slash directory listing.Can anyone give me an idea? Below is a partial listing from the report:


Searching for anomalies in shell history files... Warning: `//var/tmp
//var/log/httpd
//var/spool/mail/kfarley
//etc/localtime
//etc/rc.d/init.d/pmfirewall
//etc/rc.d/init.d/webmin
//etc/rc.d/rc0.d/K90mysql
...

Could this be a hacked secondary file system?

enrique

Follow-Ups:
- Re: [cobalt-security] Chkrootkit Report Warning
  - From: John Bailey

Prev by Date: [cobalt-security] Linux Remote Shell Trojan
Next by Date: Re: [cobalt-security] about cd .. command can change home directory up to root server
Previous by thread: [cobalt-security] Linux Remote Shell Trojan
Next by thread: Re: [cobalt-security] Chkrootkit Report Warning

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index