On Friday 03 February 2006 12:24, Ben Meijering wrote: >Hi, > >I am kindy new to using Debian and was wondering if anyone could help >me. >I was looking in my /etc/rc2.d directory to see what kind of services >were installed on my server. > >The contents of my rc2.d directory is as follows > >S10distwatchd S20courier-authdaemon S20nfs-kernel-server S89cron >S10sysklogd S20courier-pop S20pptpd S89watchd >S11klogd S20courier-pop-ssl S20samba S91apache >S14ppp S20exim S20ssh >S91apache-ssl >S15bind9 S20inetd S21nfs-common > S99rmnologin S15lwresd S20lpd S23killd >S99stop-bootlogd >S18portmap S20makedev S50proftpd >S19sshd S20mysql S89atd > >I couldn't find a man page for distwatchd and just tried to run it > which gave the following result : > >benspagina:/etc/rc2.d# /etc/init.d/distwatchd > > >FUCK: Got signal 11 while manipulating kernel! > >Searching for this last sentence I found all sorts of pages talking >about compromised servers. >So I downloaded chkrootkit, but this said my system was clean. > >Is there a chance my system is compromised?
I'd have my doubts although chkrootkit is getting a bit long in the tooth now. I'd druther think distwatchd might not be properly configured. But being paranoid, I run chkrootkit 2x a day on my firewall box anyway. >I hope anyone can help me. > >Greets, > >Ben -- Cheers, Gene People having trouble with vz bouncing email to me should add the word 'online' between the 'verizon', and the dot which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
