RE: Security: system reboot?

To: debian-user@lists.debian.org
Subject: RE: Security: system reboot?
From: DEFFONTAINES Vincent <Vincent.DEFFONTAINES@coe.int>
Date: Mon, 20 Jan 2003 11:11:00 +0100
Message-id: <[🔎] 51341B7FA34CD2119FA20008C7289B1C051C1C19@panoramix.coe.int>

If you find nothing in logs, possibly someone pressed CTRL ALT DEL?
This happens often when people think they log in on a windoze NT box and
press those keys without watching the screen.
You can prevent that by editing /etc/inittab (comment the ctrlaltdel line)
then "kill -1 1"

If you cannot find why your system rebooted, worry about it ; it might
reveal a serious security compromission.
You should check your system binaries with md5sum against a system you know
is clean.
And if I were you, I wouldn't give up until I find why the system rebooted,
or I would reinstall it and (re)secure it.

Hope this helps,

Vincent

> -----Original Message-----
> From: Qian Gong [mailto:q.gong@tue.nl]
> Sent: Monday 20 January 2003 10:40
> To: debian-user@lists.debian.org
> Subject: Security: system reboot?
> 
> 
> Hi,
> 
> This morning I found that my Debian box rebooted on Sunday morning 
> (9:35 AM). However, from last Friday till this morning nobody logged 
> in to this system. Do you know where can I find out who has sent the 
> reboot command? And why? Is it related to security holes?
> 
> Qian
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact 
> listmaster@lists.debian.org
>

Reply to:

Follow-Ups:
- Re: Security: system reboot?
  - From: Qian Gong <q.gong@tue.nl>

Prev by Date: Re: Detecting the fysical mouse Solved !
Next by Date: sound server message on startup
Previous by thread: Re: Security: system reboot?
Next by thread: Re: Security: system reboot?
Index(es):
- Date
- Thread