Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Gary Palmer
On Wed, Feb 25, 2015 at 04:04:59PM -0400, Joseph Mingrone wrote: > Jung-uk Kim writes: > > > On 02/25/2015 14:41, Joseph Mingrone wrote: > >> This morning when I arrived at work I had this email from my > >> university's IT department (via email.it) informing me that my host > >> was infected an

Re: FreeBSD Security Advisory FreeBSD-SA-15:04.igmp (fwd) - ipfw fix?

2015-02-26 Thread Karl Pielorz
--On 25 February 2015 18:21 +0100 Remko Lodder wrote: This suggests that you can filter the traffic: Block incoming IGMP packets by protecting your host/networks with a firewall. (Quote from the SA). It does, but it doesn't specifically say whether ipfw on *the host that's being protecte

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Philip Jocks
Am 26.02.2015 um 09:24 schrieb Gary Palmer : > On Wed, Feb 25, 2015 at 04:04:59PM -0400, Joseph Mingrone wrote: >> Jung-uk Kim writes: >> >>> On 02/25/2015 14:41, Joseph Mingrone wrote: This morning when I arrived at work I had this email from my university's IT department (via email

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Ian Smith
On Wed, 25 Feb 2015 20:55:43 +, Christopher Schulte wrote: > > On Feb 25, 2015, at 2:34 PM, Philip Jocks wrote: > > > > it felt pretty scammy to me, googling for the "worm" got me to > rkcheck.org which was registered a few days ago and looks like a > tampered version of chkrootkit. I

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Mark Felder
On Wed, Feb 25, 2015, at 14:19, Walter Hop wrote: > > Example: > # touch -t 20150101 foo > # find / -user www -newer foo > > If you don’t find anything, look back a little further. > Hopefully you will find a clue in this way. > Thanks for posting this trick -- I've never considered it be

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Glyn Grinstead
On Thu, 26 Feb 2015 at 12:02:52 -0600, Mark Felder wrote: > On Wed, Feb 25, 2015, at 14:19, Walter Hop wrote: > > > > Example: > > # touch -t 20150101 foo > > # find / -user www -newer foo > > Thanks for posting this trick -- I've never considered it before and > will certainly put it in my t

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Mark Felder
On Thu, Feb 26, 2015, at 14:12, Glyn Grinstead wrote: > On Thu, 26 Feb 2015 at 12:02:52 -0600, Mark Felder wrote: > > On Wed, Feb 25, 2015, at 14:19, Walter Hop wrote: > > > > > > Example: > > > # touch -t 20150101 foo > > > # find / -user www -newer foo > > > > Thanks for posting this tric

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Malcolm Herbert
I'd also suggest you take a look at using mtree for tripwire-like functionality into the future - its primary purpose is to be able to take the specification for a directory tree and either report differences or make the filesystem conform to the specification. not sure whether it is used in the b

Re: has my 10.1-RELEASE system been compromised

2015-02-26 Thread Mark Felder
On Thu, Feb 26, 2015, at 14:52, Malcolm Herbert wrote: > I'd also suggest you take a look at using mtree for tripwire-like > functionality into the future - its primary purpose is to be able to > take the specification for a directory tree and either report > differences or make the filesystem co
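Using mtree(8) as the "tripwire-like" baseline-and-compare tool that Malcolm Herbert suggests above and Mark Felder's reply discusses, as an added example that is not code from either post. It takes a specification of a tree with per-file SHA-256 digests, ownership, mode and size, then checks the live tree against it. Assumptions: a BSD mtree with the -c, -k, -f and -p options and the sha256digest keyword (FreeBSD base mtree has these; the NetBSD-derived mtree packaged on some Linux distributions does too); the directory and file names are placeholders. The mtime keyword is deliberately left out of the keyword list, since timestamps are what an intruder can most easily fake; content changes are caught by the digest.

```shell
#!/bin/sh
# Added example, not code from the freebsd-security thread.
# Assumes a BSD mtree(8) supporting -c/-k/-f/-p and the sha256digest keyword.

# Keywords recorded per entry: type is always included; sha256digest catches
# content changes, uid/gid/mode catch ownership and permission changes,
# size and link round it out. mtime is intentionally omitted.
MTREE_KEYS="sha256digest,uid,gid,mode,size,link"

# mtree_baseline ROOT SPECFILE
# Write a specification for the tree under ROOT. Keep SPECFILE off the host
# (or on read-only media): an intruder who can edit the spec can make a
# tampered tree "match".
mtree_baseline() {
    root="$1"; spec="$2"
    mtree -c -k "$MTREE_KEYS" -p "$root" > "$spec"
}

# mtree_verify ROOT SPECFILE
# Compare the live tree with the spec. mtree prints one line per difference
# (changed attributes, missing entries, extra entries) and exits 0 when the
# tree matches, 2 when it does not, 1 on error; that status is returned.
mtree_verify() {
    root="$1"; spec="$2"
    mtree -f "$spec" -p "$root"
}

# Stand-alone usage, e.g.:
#   sh thisfile.sh baseline /usr/local/www /root/www.mtree
#   sh thisfile.sh verify   /usr/local/www /root/www.mtree
case "${1:-}" in
    baseline) mtree_baseline "$2" "$3" ;;
    verify)   mtree_verify "$2" "$3" ;;
esac
```

Run the verify step from cron against a spec copied off-host and alert on a non-zero exit; re-run the baseline after every intended change (port upgrade, deploy), otherwise the report fills with expected drift and real changes get lost in it. FreeBSD already ships mtree specifications for the base directory layout under /etc/mtree, which is a convenient place to see the file format.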