Hello,
I found on my machine the following message one morning:
PAM_UNIX[763]: (su) session opened for user www-data by (uid=0)
su [821]: + ??? root-nobody
PAM_UNIX[821]: (su) session opened for user nobody by (uid=0)
This is the first time it happened and since then I upgraded
to the latest unstable by 'apt-get dselect-upgrade'
Unfortunately, I do not know enough to interpret
the messages above and what happened. I would like
to know if people on this list can help me to configure
my system so at least this type of attack does not happen
anymore (I do assume that it is an intrusion attack,
unless there is a much simpler explanation for this).
Thanks in advance,
Vladislav
Debian latest unstable/i386/SMP
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
