Check if your program have rotated the logs...
cd /var/log
ls -l wtmp*
and, check in /etc/cron* or do a crontab -l (in user root)
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friend
the prog compare the proc list in /proc and the output of command 'ps'.
So, when the chkrootkit will list in /proc, and then get an output from ps,
the time between two operation is larger enough to create others process
(or die/kill)...
that's why this check is not VERY reliabl
oblems (bugs
nor exploits).
It's run very well and smoothly :)
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friends are.
==
we will
terminate that in two hour/day/month/years.
...
and so on, it's not so hard, and it's take 2 minutes or less.
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friends are.
==
nvestigation I'm pretty sure we'll be
> informed right away. The secteam has done an amazing job in the
> past and I trust them to continue as responsible as before.
I agree with you.
>
> Cheers, Marcel
>
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friends are.
==
oblems (bugs
nor exploits).
It's run very well and smoothly :)
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friends are.
==
--
To UNSUBSCRI
we will
terminate that in two hour/day/month/years.
...
and so on, it's not so hard, and it's take 2 minutes or less.
E.
--
Eric LeBlanc
[EMAIL PROTECTED]
--
UNIX is user friendly.
It's just selective about who its friends are.
=
nvestigation I'm pretty sure we'll be
> informed right away. The secteam has done an amazing job in the
> past and I trust them to continue as responsible as before.
I agree with you.
>
> Cheers, Marcel
>
E.
--
Eric LeBlanc
[EMAIL PROTECTED
t;
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Eric LeBlanc
E-Mail:[EMAIL PROTECTED]
ICQ 50571872
"Well, let's just say, 'if your VCR is still blinking 12:00, you don't
want Linux'".
--- Bruce Perens, Debian's Fearless Leader
I don't understand... I try to help it and I am made insult?
Well if I insulted you, I present my major excuses to you,
M'sieur...
Eric LeBlanc
E-Mail:[EMAIL PROTECTED]
ICQ 50571872
"Well, let's just say, 'if your VCR is still blinking 12:00
t;
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Eric LeBlanc
E-Mail:[EMAIL PROTECTED]
ICQ 50571872
"Well, let's just say, 'if your VCR is s
I don't understand... I try to help it and I am made insult?
Well if I insulted you, I present my major excuses to you,
M'sieur...
Eric LeBlanc
E-Mail:[EMAIL PROTECTED]
ICQ 50571872
"Well, let's just say, 'if your VCR is still blinking 12:00
Do u know webmin?
http://webadmin.sourceforge.net/webmin/
Eric
On Thu, 23 Aug 2001, Jean Baptiste Lallement wrote:
> Hi,
>
> U could use sudo ?
>
> Excerpt from http://www.courtesan.com/sudo/
> ---
> Sudo (superuser do) allows a system administrator to give certain
> users (or groups of use
On 27 Feb 2002, eim wrote:
> * logcheck (System Log Analyzer)
[SNIP]
> network activity and so on... everything works quite well, the
> only problem is: they generate *REALLY* much mail traffic with
> lots of output which I can't read all.
>
> So my question is, has anyone a good s
On Tue, 2 Apr 2002, Anne Carasik wrote:
> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
> > A question about some network services
> > ==
> >
> > Hallo Debian folks,
> >
> > By default, on my debian boxes, I disable this network
> > services which ar
On Fri, 19 Apr 2002, Jan Johansson wrote:
>
> Then they dont know what they are saying, i would say that Tripwire / AIDE / such
>will be 100% efficient in detecting kits _PROVIDING_ that your database is current,
>and is stored in a tamper-proof location... and ofcource you actually use and
On Fri, 17 May 2002, Michal Melewski wrote:
> > May 17 23:03:11 ms2 kernel: possible SYN flooding on port 25. Sending cookies.
> > Am I being syn flood attacked? How can I get rid of this?
> Hello
> In this case you are probably a target of a SYN Flood atack.
> What you have to do is to compil
Do u know webmin?
http://webadmin.sourceforge.net/webmin/
Eric
On Thu, 23 Aug 2001, Jean Baptiste Lallement wrote:
> Hi,
>
> U could use sudo ?
>
> Excerpt from http://www.courtesan.com/sudo/
> ---
> Sudo (superuser do) allows a system administrator to give certain
> users (or groups of user
On 27 Feb 2002, eim wrote:
> * logcheck (System Log Analyzer)
[SNIP]
> network activity and so on... everything works quite well, the
> only problem is: they generate *REALLY* much mail traffic with
> lots of output which I can't read all.
>
> So my question is, has anyone a good so
On Tue, 2 Apr 2002, Anne Carasik wrote:
> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
> > A question about some network services
> > ==
> >
> > Hallo Debian folks,
> >
> > By default, on my debian boxes, I disable this network
> > services which are
On Fri, 19 Apr 2002, Jan Johansson wrote:
>
> Then they dont know what they are saying, i would say that Tripwire / AIDE /
> such will be 100% efficient in detecting kits _PROVIDING_ that your database
> is current, and is stored in a tamper-proof location... and ofcource you
> actually use
On Fri, 17 May 2002, Michal Melewski wrote:
> > May 17 23:03:11 ms2 kernel: possible SYN flooding on port 25. Sending
> > cookies.
> > Am I being syn flood attacked? How can I get rid of this?
> Hello
> In this case you are probably a target of a SYN Flood atack.
> What you have to do is to co
22 matches
Mail list logo
