Hi, I haven't caught the start of this thread, but how can you be sure your core utilities have not been altered?
Do have a record of how they looked before the crack (a backup, MD5 sums etc, AIDE,Tripwire database)?. IMO, you would really need to examine those binaries on another box against a known equivalent clean copy or backup/AIDE/Tripwire database before really being sure. Awais On Fri, 2004-07-23 at 12:23, Paul Stolp wrote: > * Monique Y. Mudama <[EMAIL PROTECTED]> [2004-07-23 00:04]: > > > I'd add the suggestion to not use obvious usernames like "guest" ... > > agree -- I will prob. replace this account name > > > > > Btw, are you 100% sure they never managed to root you and replace some > > of your files? > > I wasn't 100% sure I wasn't cracked when I installed, but I am sure that > my core utilities are the same as before this attempt. This and clean > chkrootkit are enough for me, as long as I continue to watch what's > going on. > > Thanks everyone, mostly I was just venting, but hopefully this will help > prompt anyone who knows of a potential system weakness. > > Paul > -- > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
