-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Can someone knowledgeable point me in the right direction? Had a
> site that uses Frontpage. So, what does this all mean? Do I need to
> worry?
What's creating these messages - something like Tripwire?
Looks to me like these files all have create times of sometime
yesterday, so they're showing up as 'new' to the scanner...
They don't look unusual to me at all: fpexec is part of FrontPage. I
know suEXEC goes with Apache and deals with CGI stuff. The
/usr/local/frontpage/ .cnf file is the frontpage config file for that
domain.
/root/.bash_history is a list of all the shell commands 'root' has
typed. and .viminfo is a config file for the 'vim' editor.
You could take a look at those last two - they're just text files.
But I think you're probably ok...
- --
Bruce Timberlake
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+HtEBvLA2hUZ9kgwRAqsCAJ0S7PYLhpnFFeXxlzyHwPR/XQuwIQCfenQn
fC4q+xocyMTrObnR7cPVUng=
=DNMu
-----END PGP SIGNATURE-----
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security