If that's the case, then why does the report say that there's a
*difference* in the suid root files? Why does it claim that all of
those are *changed*? It doesn't merely claim that they *are* suid root;
it claims that they *changed*.
> Subject: *** Diff Check, Thu Apr 20 00:02:50 EDT 2000 ***
> Security Warning: Change in Suid Root files found :
> - Added suid root files : /bin/mount
> - Added suid root files : /bin/ping
> - Added suid root files : /bin/su
> - Added suid root files : /bin/umount
> - Added suid root files : /sbin/dump
> - Added suid root files : /sbin/pwdb_chkpwd
:
:
Ron Stodden wrote:
>
> Andrew Vogel wrote:
> >
> > I woke up this morning to find this email in my system:
>
> ...
>
> > I've been hacked! The questions, now, are: 1. How do I fix this? and 2. How
> to I prevent it from happening again?
>
> No you haven't! This is just the periodic report done on your
> system security by your own msec (man msec). I have not seen it as
> an email before, only as /var/log/messages messages, so msec must
> consider the situation serious.
>
> It is telling you what needs to be done to bring your security up to
> snuff so that you can't be hacked.
>
> --
>
> Regards,
>
> Ron. [AU] - sent by Linux.
--
"Brian, the man from babble-on" [EMAIL PROTECTED]
Brian T. Schellenberger http://www.babbleon.org
Support http://www.eff.org. Support decss defendents.
Support http://www.programming-freedom.org. Boycott amazon.com.