Re: security concern

To: cheng@fourier.csl.uiuc.edu, debian-user@lists.debian.org
Subject: Re: security concern
From: stick@richnet.net
Date: Fri, 18 Jul 1997 10:23:34 -0400 (EDT)
Message-id: <[🔎] m0wpDwV-000IRBC@bertha.practical.net>
Reply-to: stick@richnet.net
In-reply-to: <19970717220603.36844@fourier.csl.uiuc.edu> from "cheng@fourier.csl.uiuc.edu" at Jul 17, 97 10:06:03 pm

Howdy, Cheng!

> 
> Someone has break in my machine (Debian 1.3) and
> write a file in my home dir.  There is no trace
> in utmp and wtmp file. In dameon.log and syslog
> file, there two seems to be like this:
> 
Sorry to hear that your system has been compromised!  One of the first things
I'd do is change *all* passwords on the system.  I'd also consider
re-installing Debian to be sure that you got clean binaries - someone could
have replaced an essential binary with one that allows them access to your
system.

I'd also recommend you getting/reading the latest issue of Linux Journal -
it discusses Linux system security.  Some things you might want to implement
are explained quite nicely.

> Jul 16 17:41:52 ultra kerneld: started, pid=148, qid=0
> Jul 17 17:59:59 ultra in.fingerd[1323]: connect from xxx.xx.xx.xx
> 
> Is this come from fingerd program? Or maybe others just
> happen to know my password.
> 
> Thanks for all suggestions.
> 
> -cheng
> 
Chuck

-- 
Chuck Stickelman, Owner			E-Mail:	<stick@richnet.net>
Practical Network Design		Voice:	(419) 529-3841
9 Chambers Road				FAX:	(419) 529-3625
Mansfield, OH 44906-1302 USA


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: Out of town.
Next by Date: MS-DOS CR & directory/file timestamping
Previous by thread: Out of town.
Next by thread: MS-DOS CR & directory/file timestamping
Index(es):
- Date
- Thread