[techtalk] bizarre....

Cynthia Dale silly at redhat.com
Mon Dec 13 12:44:26 EST 1999


Yup.  The intruder could have done any number of things, which is why I
suggested reinstalling.  The other stuff I suggested was just to try to
find out how it was done, so it could be prevented in the future.  Nothing
worse than getting hacked and not knowing how...
Cindy

Cynthia J. Dale
Technical Engineer/FAQ maintainer
Red Hat, Inc.

fnord.


On Mon, 13 Dec 1999, Laurel Fan wrote:

> Date: Mon, 13 Dec 1999 14:15:10 -0500 (EST)
> From: Laurel Fan <lf25+ at andrew.cmu.edu>
> Reply-To: techtalk at linuxchix.org
> To: techtalk at linuxchix.org
> Subject: Re: [techtalk] bizarre....
> 
> Excerpts from linuxchix: 13-Dec-99 Re: [techtalk] bizarre.... by Nils
> Philippsen at wombat.d 
> > You won't catch added files with rpm -Va -- they're just not in the
> > database, so they won't get checked. You might want to find setuid/setgid
> 
> Of course, the cracker could always have replaced rpm..
> 
> 
> 
> ************
> techtalk at linuxchix.org   http://www.linuxchix.org
> 


************
techtalk at linuxchix.org   http://www.linuxchix.org




More information about the Techtalk mailing list