On Sun, 23 Feb 2003 18:45:14 -0600, Bret Hughes wrote
> On Sun, 2003-02-23 at 17:45, Mike Vanecek wrote:
>
> > It was a bit scary, but it was nice to have chkrootkit, tripwire, and iptables
> > around to give me an idea of the status of the system. Bottom line, someone
> > uploaded a weirdly named
On Sun, 2003-02-23 at 17:45, Mike Vanecek wrote:
> It was a bit scary, but it was nice to have chkrootkit, tripwire, and iptables
> around to give me an idea of the status of the system. Bottom line, someone
> uploaded a weirdly named file, but everything that should be working to
> protect the sy
On Sun, 23 Feb 2003 15:45:32 -0800, Benjamin R. Mohilef wrote
> You wrote:
>
> > lsattr is not installed on my system.
>
> > chattr not installed on my system either. If it was, I do not know the
>
>
> It sounds like your system has been cracked badly. The programs
> chattr, lsattr, etc
On Sun, 23 Feb 2003 16:43:46 -0600, Bret Hughes wrote
> On Sun, 2003-02-23 at 16:17, Mike Vanecek wrote:
> > On Sun, 23 Feb 2003 10:34:27 -0600, Bret Hughes wrote
> > > On Sun, 2003-02-23 at 09:38, Mike Vanecek wrote:
> > > > Someone has ftp'd a file to my incoming folder with the name:
> > > >
>
You wrote:
> lsattr is not installed on my system.
> chattr not installed on my system either. If it was, I do not know the
It sounds like your system has been cracked badly. The programs
chattr, lsattr, etc are installed by the e2fsprogs rpm during install. It
is highly possible that t
On Sun, 23 Feb 2003 19:11:03 -0330, Michael Pelley wrote
> H...
>
> The lsattr and chattr progs are part of the e2fsprogs RPM. Did you
> purposely not install e2fsprogs? If you did and it is missing now, then
> maybe more is hacked than you think. Do a
> rpm -qa | grep e3fsprogs
> and
On Sun, 23 Feb 2003, Mike Vanecek wrote:
> lsattr is not installed on my system.
>[...]
>
> chattr not installed on my system either. If it was, I do not know the syntax
> to override the long name with !! at the beginning.
Install the e2fsprogs RPM. Use backslashes to escape the ! and blanks in
On Sun, 2003-02-23 at 16:17, Mike Vanecek wrote:
> On Sun, 23 Feb 2003 10:34:27 -0600, Bret Hughes wrote
> > On Sun, 2003-02-23 at 09:38, Mike Vanecek wrote:
> > > Someone has ftp'd a file to my incoming folder with the name:
> > >
> > > !! Just a Comment that you may want to READ.txt
> > >
> > >
n and reinstall but I always let everyone on the sysadmin
level know that this box couldn't be trusted
Mike
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Mike Vanecek
Sent: Sunday, February 23, 2003 6:47 PM
To: [EMAIL PROTECTED]
Subject: Re: ft
On Sun, 23 Feb 2003 10:34:27 -0600, Bret Hughes wrote
> On Sun, 2003-02-23 at 09:38, Mike Vanecek wrote:
> > Someone has ftp'd a file to my incoming folder with the name:
> >
> > !! Just a Comment that you may want to READ.txt
> >
> > The file permissions were set as rw r r which obviously is not
Nothing like that on my system? How do I look at the file or rename it? Any
mv or less I do does not work, even with quoting the name of the file?
On Sun, 23 Feb 2003 13:34:17 -0330, Michael Pelley wrote
> I'd say the extended permissions have been set. Do a lsattr and
> check.
>
> See:
>
I'd say the extended permissions have been set. Do a lsattr and check.
See:
man lsattr
man chattr
Mike
--
Mike Pelley "Non illegitimati carborundum"
Owner & "Misc. Rambler" of Pelleys.com
[EMAIL PROTECTED] - www.pelleys.com
-Origin
On Sun, 2003-02-23 at 09:38, Mike Vanecek wrote:
> Someone has ftp'd a file to my incoming folder with the name:
>
> !! Just a Comment that you may want to READ.txt
>
> The file permissions were set as rw r r which obviously is not a good thing.
> Further, I am unable to less it or delete it. I d
13 matches
Mail list logo
