[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Potential Virus or System Message?

Hash: SHA1

Faithful John said:
> So this gives me a second question.   I'm pretty sure that I disabled
> the remote access ability stuff (though I'm not 100% on that at this
> moment).   Is there a chance someone could still get into my system in
> any way and do anything? (e.g.if firewalls disabled)   My impression
> was that linux was immune to viruses and resistance to personal
> attacks since you needed a root password to do any sort of real
> changes.

more complicated than "they need root to get me". escalation of
privileges, where a user gets onto your box via some sort of non-root
user thru apache, ssh or whatever and then gains root via some local
program that is vulnerable.

You should run a portscan on yourself with nmap or similar. If you don't
have access to another box, you can go to somewhere like dshield.org and
run a portscan. Always good to do when setting up a new box. good
learning when you get to say "what in the heck is that port open for?"

- --


Version: GnuPG v1.4.0 (MingW32)


Reply to: