On 02/25/2013 04:24 PM, Gelen James wrote:
'rpm -V' can be misleading, if taking into account of prelink on
Redhat/Centos Boxes which is running through cron by default. I've shown the
steps on reverse the effect of prelink at the comments sections at link
It makes some sense to follow RHEL's suit, but Gelen's suggestions gain more
points here too.
As end users we probably turn off the default prelink settings after
RHEL/Centos initial installation, it is not a rocket technology.
On 2/26/13 8:10 AM, Johnny Hughes joh...@centos.org wrote:
On
On Monday 25 February 2013 14:24:28 Gelen James wrote:
'rpm -V' can be misleading, if taking into account of prelink on
Redhat/Centos Boxes which is running through cron by default. I've shown
the steps on reverse the effect of prelink at the comments sections at
link
On 25.Feb.2013, at 23:24, Gelen James wrote:
'rpm -V' can be misleading, if taking into account of prelink on
Redhat/Centos Boxes which is running through cron by default. I've shown the
steps on reverse the effect of prelink at the comments sections at link
Subject: Re: [CentOS] SSHD rootkit in the wild/compromise for CentOS 5/6?
Am 23.02.2013 um 05:52 schrieb Karanbir Singh mail-li...@karan.org:
On 02/22/2013 09:35 PM, Leon Fauster wrote:
i use following script to scan top level
directories for files that are not packaged:
If you trust your rpm-db
Am 23.02.2013 um 05:52 schrieb Karanbir Singh mail-li...@karan.org:
On 02/22/2013 09:35 PM, Leon Fauster wrote:
i use following script to scan top level
directories for files that are not packaged:
If you trust your rpm-db, ...
i used to scan this list
rpm -qa --qf
On Thu, Feb 21, 2013 at 6:03 PM, Johnny Hughes joh...@centos.org wrote:
This issue is not CentOS specific ... here is another discussion:
http://www.webhostingtalk.com/showthread.php?t=1235797
The issue seems to be that someone with local access elevates their
privileges in some manner, and
But don't forget that what the kernel people call 'local' access
really means any bug in any network application that lets you execute
an arbitrary command even if it is non-root - and those have
historically been pretty common.
sounds like local install of famous php scripting language...
On 02/22/2013 01:50 PM, Les Mikesell wrote:
On Thu, Feb 21, 2013 at 6:03 PM, Johnny Hughes joh...@centos.org wrote:
This issue is not CentOS specific ... here is another discussion:
http://www.webhostingtalk.com/showthread.php?t=1235797
The issue seems to be that someone with local access
Am 22.02.2013 um 21:11 schrieb Johnny Hughes joh...@centos.org:
On 02/22/2013 01:50 PM, Les Mikesell wrote:
On Thu, Feb 21, 2013 at 6:03 PM, Johnny Hughes joh...@centos.org wrote:
This issue is not CentOS specific ... here is another discussion:
On 02/22/2013 09:35 PM, Leon Fauster wrote:
i use following script to scan top level
directories for files that are not packaged:
If you trust your rpm-db, then something like my syscleanup script might
also come in handy :
https://www.gitorious.org/syscleanup/syscleanup/trees/master
I
Hello everyone,
I hope you are having a good day. However, I am concerned by this:
https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229
Has anyone heard yet what the attack vector is, if 5.9 and 6.4 are
affected, and if a patch is coming out?
Thanks!
Gilbert
On 02/21/2013 05:32 PM, Gilbert Sebenste wrote:
Hello everyone,
I hope you are having a good day. However, I am concerned by this:
https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229
Has anyone heard yet what the attack vector is, if 5.9 and 6.4 are
affected, and if a patch is
Thank you, Johnny, for that clarification, I appreciate it! I can relax a
little now. :-)
Gilbert
***
Gilbert Sebenste
(My opinions only!)
14 matches
Mail list logo