From my /var/log/auth.log....

Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/open_port.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/rpm-va-config.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/rpm-qa.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/suid_root.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/writable.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/unowned_group.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/suid_md5.today from 644 to 640
Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/rpm-va.today from 644 to 640
Aug  4 20:11:03 localhost snort[1318]: [1:2003:2] MS-SQL Worm propagation attempt [Classification: Misc Attack] [Priority: 2]: {UDP} 202.144.168.34:3085 -> 192.168.0.226:1434
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/sgid.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/unowned_user.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/open_port.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/rpm-va-config.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/rpm-qa.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/suid_root.today from 644 to 640
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/writable.today from 644 to 640


Is the entry from Aug  4 20:11:03 as self-explanatory as it looks? Is this a 
reference to the M$ SQL Server worm from a few months ago? If anyone can 
provide any insight to this, I'd appreciate it. 
Thanks,
-- 
Ben Reeves

"He who knows much about others is learned, but he who understands himself is 
more intelligent. He who  
 controls others may be powerful, but he who has mastered himself is mightier 
still."  
- Lao-Tsu, Tao Teh King
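
Added example, not part of the original post: a small Python parser that picks Snort syslog alerts out of a mixed auth.log and splits each one into generator ID, signature ID, revision, message, classification, priority, protocol and endpoints. It also rejoins records that were wrapped across lines, as happens when a log is pasted into mail; the function names and the field names in the returned dictionaries are my own.

```python
import re

# Syslog timestamp, e.g. "Aug  4 20:11:03"
TS = r"[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}"
# Snort alert layout: [gid:sid:rev] msg [Classification: c] [Priority: n]: {PROTO} src -> dst
ALERT_RE = re.compile(
    rf"^(?P<time>{TS})\s(?P<host>\S+)\ssnort(?:\[\d+\])?:\s"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s(?P<msg>.+?)\s"
    r"\[Classification:\s(?P<classification>[^\]]+)\]\s"
    r"\[Priority:\s(?P<priority>\d+)\]:?\s"
    r"\{(?P<proto>[^}]+)\}\s"
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s->\s(?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)

def unwrap(text):
    """Rejoin wrapped records: a line that does not start with a syslog
    timestamp is treated as a continuation of the previous record."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if re.match(TS, line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def snort_alerts(text):
    """Return one dict per Snort alert; non-Snort records (msec etc.) are skipped."""
    alerts = []
    for record in unwrap(text):
        m = ALERT_RE.match(record)
        if m:
            alert = m.groupdict()
            for key in ("gid", "sid", "rev", "priority", "sport", "dport"):
                if alert[key] is not None:  # portless protocols such as ICMP
                    alert[key] = int(alert[key])
            alerts.append(alert)
    return alerts

# Three records copied from the post, wrapped across lines as a mail client would.
SAMPLE = """Aug  4 05:01:01 localhost msec: changed mode of /var/log/security/rpm-va.today
from 644 to 640
Aug  4 20:11:03 localhost snort[1318]: [1:2003:2] MS-SQL Worm propagation
attempt [Classification: Misc Attack] [Priority: 2]: {UDP}
202.144.168.34:3085 -> 192.168.0.226:1434
Aug  5 05:01:01 localhost msec: changed mode of /var/log/security/sgid.today
from 644 to 640
"""
```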
