Oh dear, found one more teeny tiny detail:
On Thu, 31 Aug 2000, Ramiel Givergis wrote:
/root/verify-rpms > /root/verify-results 2>&1
^
|
rpm --verify
is w
[EMAIL PROTECTED] (Luke C Gavel) writes:
> given the situation. I just wanted to add one tiny
> little correction:
>
> On Thu, 31 Aug 2000, Ramiel Givergis wrote:
>
> rpm -qa|sed "s/^./rpm --verify /g" > /root/verify-rpms
> ^
> |
> You need
>
Sorry to perpetuate this, but I thought it important
given the situation. I just wanted to add one tiny
little correction:
On Thu, 31 Aug 2000, Ramiel Givergis wrote:
rpm -qa|sed "s/^./rpm --verify /g" > /root/verify-rpms
^
|
You need
a
Bernard it sounds like your server may have been root-kitted (hacked
into)
I work with compromised servers on a daily basis and am familiar of the
jinks of all these root kits.
boot your server up in single user mode
enter these commands
rpm -qa|sed "s/^/rpm --verify /g" > /root/verify-rpms
c
When I got hacked before and a root kit was installed on my system I saw
this same behavior.
My advice is to see if you can tell when the break in happened and how
they did it. If you are allowing telnet, rsh, or ftp then they most
likely just used a packet sniffer. Otherwise RH6.2 has a securi
Hi guys,
I really need help on this one.
I am using RH. 6.2 on my servers. Suddenly
syslogd is not running on one ofthe servers. I has tried uninstalling and
installing the rpm with nosuccess. When I try looking at the running
processes using the 'ps' commandI get a "segmentation fault (core
