Hi I've got a rather wierd problem. Since this morning, I cannot connect anymore to a pop mail server using ssl, evolution complains about a bad signature of the certificate. This is since I've booted my machine today.
At the same time, one minute before I got the after-startup report from logcheck, logcheck sent me a mail with an "ACTIVE SYSTEM ATTACK!" subject, saying: "Cleaned rules files exist in /var/lib/logcheck/cleaned directory that cannot be removed. This may be an attempt to spoof the log checker." Hmmm, so what? Are these problems somehow tied together? Furthermore, what is the probability that the system has really been cracked, and the logcheck message is not a false positive? I wonder, because it's not a server machine, it has no services running, except the dhcp client listening on a port. Nothing else. Which steps would you propose to take next? It's very unfortunate, since I am having absolutely no time at the moment, so I think I'll just leave the machine switched off for now. Maybe I should go for a complete reinstall. -- Best wishes, Andi