[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Have you been hacked?
- Subject: Re: [cobalt-security] Have you been hacked?
- From: "David Seaton" <david@xxxxxxxxxxx>
- Date: Mon, 15 Jul 2002 03:54:21 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Martin,
No, it's cool man, I -think- everything is fine. Nobody seemed to say anything
about the last two
> .M...... /usr/bin/newgrp
> .M...... /usr/bin/write
I was just asking about the other messages.
> S.5....T c /etc/pam.d/chfn
> S.5....T c /etc/pam.d/chsh
> S.5....T c /etc/pam.d/login
If you note, I did not use the "|grep bin" at the end of my execution string.
Curiosity I suppose.
----- Original Message -----
From: "Martín Fiumara" <martinfiumara@xxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, July 15, 2002 3:37 AM
Subject: Re: [cobalt-security] Have you been hacked?
David, can you tell me what that result means? Im just learning Linux basics
:)
Means that the server has been hacked?
If not, must I reinstall something o fix something? The raq3 has all the
cobalt patches uptodate....
Thanks for the help
----- Original Message -----
From: "David Seaton" <david@xxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, July 15, 2002 4:07 AM
Subject: Re: [cobalt-security] Have you been hacked?
> Just for fun I checked myself with:
> rpm -Vf /bin/login /usr/sbin/tcpd
>
> and results where:
> S.5....T c /etc/pam.d/chfn
> S.5....T c /etc/pam.d/chsh
> S.5....T c /etc/pam.d/login
> .M...... /usr/bin/newgrp
> .M...... /usr/bin/write
>
> Nothing to worry about right?
>
> -David Seaton
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security