You wrote: <snip> > lsattr is not installed on my system. <snip> > chattr not installed on my system either. If it was, I do not know the <snip>
It sounds like your system has been cracked badly. The programs chattr, lsattr, etc are installed by the e2fsprogs rpm during install. It is highly possible that the crackers may be using your box as a filez server. If the cracker left the original rpm program untouched, and if theattributes were not changed on /usr/sbin, you can reinstall the programs from the e2fsprogs rpm. Although you may be able to ferret out knopwn offending cracks with the program checkroot (http://www.chkrootkit.org), total reformat and reinstall is a better solution, using the latest patches to prevent being re-cracked. If the cracker was smart enough to remove lsattr and chattr, he/she probably installed some rootkits and back doors which may go a little beyond the normal script kiddy attack and which will allow reinfection. regards, ben -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
