Re: /bin/login listening?

To: debian-user@lists.debian.org
Subject: Re: /bin/login listening?
From: Tyler Smith <tyler.smith@mail.mcgill.ca>
Date: 29 Jul 2007 18:27:43 GMT
Message-id: <[🔎] slrnfapqg7.42b.tyler.smith@blackbart.mynetwork>
References: <[🔎] Pine.LNX.4.62.0707281325370.12185@proto.technobounce.com> <[🔎] slrnfanfds.kfc.tyler.smith@blackbart.mynetwork> <[🔎] Pine.LNX.4.62.0707281449380.12185@proto.technobounce.com> <[🔎] slrnfao33b.ou4.tyler.smith@blackbart.mynetwork> <[🔎] Pine.LNX.4.62.0707282241270.12185@proto.technobounce.com> <[🔎] slrnfap6jn.kqu.tyler.smith@blackbart.mynetwork> <[🔎] 20070729132127.GC6292@titan> <[🔎] slrnfapa2p.lgv.tyler.smith@blackbart.mynetwork> <[🔎] 20070729102339.5b52d252.celejar@gmail.com> <[🔎] slrnfaphjv.m57.tyler.smith@blackbart.mynetwork> <[🔎] 20070729163503.GA9535@titan> <[🔎] 46ACC2E5.2090708@noctus.net>

On 2007-07-29, Mathias Brodala <info@noctus.net> wrote:
> This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
> --------------enig6620D8D79CB50A9B1AFF7AB2
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: quoted-printable
>
> Hi Douglas.
>
> Douglas Allan Tutty, 29.07.2007 18:35:
>> Boot the box from something like the install CD, go to a shell, mount
>> your / partition ro, noexec.
>>=20
>> I think the install CD has md5sum installed.  Run:
>> 	#md5sum /bin/login.
>>=20
>> On my i386, I get:
>>=20
>> 2ee32ff74e474c4d9fc9df6f1460980f /bin/login
>
> You should also tell the exact version of the "login" package you are usi=
> ng.
> Otherwise this number is useless.
>
> With 1:4.0.18.1-11 on i386 I get this:
>
>> 004a41bb9196f1888bd89c2245910f46  /bin/login
>

Which is just what I got too. I found an old Mepis CD, booted into
that, mounted my / partition, ran md5sum on /bin/login, and out came
the same answer, for the same version of /bin/login.

So I'm going to proceed as if I've been lucky, have not been
rootkit-ed, and will continue on with hardening my laptop without
reinstalling.

Thanks for your help!

Tyler

Reply to:

Follow-Ups:
- Re: /bin/login listening?
  - From: Jeff D <fixedored@gmail.com>

References:
- Re: /bin/login listening?
  - From: Jeff D <fixedored@gmail.com>
- Re: /bin/login listening?
  - From: Tyler Smith <tyler.smith@mail.mcgill.ca>
- Re: /bin/login listening?
  - From: Jeff D <fixedored@gmail.com>
- Re: /bin/login listening?
  - From: Tyler Smith <tyler.smith@mail.mcgill.ca>
- Re: /bin/login listening?
  - From: Jeff D <fixedored@gmail.com>
- Re: /bin/login listening?
  - From: Tyler Smith <tyler.smith@mail.mcgill.ca>
- Re: /bin/login listening?
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: /bin/login listening?
  - From: Tyler Smith <tyler.smith@mail.mcgill.ca>
- Re: /bin/login listening?
  - From: Celejar <celejar@gmail.com>
- Re: /bin/login listening?
  - From: Tyler Smith <tyler.smith@mail.mcgill.ca>
- Re: /bin/login listening?
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: /bin/login listening?
  - From: Mathias Brodala <info@noctus.net>

Prev by Date: Re: bindgraph
Next by Date: Adpater network quad-port
Previous by thread: Re: /bin/login listening?
Next by thread: Re: /bin/login listening?
Index(es):
- Date
- Thread