Yup. The intruder could have done any number of things, which is why I
suggested reinstalling. The other stuff I suggested was just to try to
find out how it was done, so it could be prevented in the future. Nothing
worse than getting hacked and not knowing how...
Cindy
Cynthia J. Dale
Technical Engineer/FAQ maintainer
Red Hat, Inc.
fnord.
On Mon, 13 Dec 1999, Laurel Fan wrote:
> Date: Mon, 13 Dec 1999 14:15:10 -0500 (EST)
> From: Laurel Fan <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: Re: [techtalk] bizarre....
>
> Excerpts from linuxchix: 13-Dec-99 Re: [techtalk] bizarre.... by Nils
> [EMAIL PROTECTED]
> > You won't catch added files with rpm -Va -- they're just not in the
> > database, so they won't get checked. You might want to find setuid/setgid
>
> Of course, the cracker could always have replaced rpm..
>
>
>
> ************
> [EMAIL PROTECTED] http://www.linuxchix.org
>
************
[EMAIL PROTECTED] http://www.linuxchix.org
