[Techtalk] rmserver, should I be worried?
Caitlyn M. Martin
cmartin at rateintegration.com
Wed Oct 9 10:06:07 EST 2002
On Wed, 2002-10-09 at 09:09, Rebecca J. Walter wrote:
>
> I am not as experienced as most of the chix here, but this would set off
> big warning flags for me. If it is your box and you didn't install it
> and it doesn't belong to a package, are you _SURE_ your box hasn't been
> hacked? Have you checked the logs for unusual activity of any kind?
That's the same thought that crossed my mind reading the thread,
especially considering it's happening on an unpatched RH 7.3 box with
lots of vulnerabilities.
Being behind a firewall doesn't make things safe. Did anyone see the
really impressive (and scary) list of new vulnerabilities in the Cisco
PIX firewall that came out in the last few days? There have also been
flawas in iptables, Checkpoint Firewall-1, and about every other
firewall under the sun.
At the very least I would consider killing the process (and seeing the
effect of doing so) and pacthing the server with all current security
related errata for 7.3, or alternately, upgrading to the much nicer 8.0.
Regards,
Cait
More information about the Techtalk
mailing list