Re: [Vserver] Utility Programs in Vservers

Wed, 16 Feb 2005 09:16:04 -0800 

Thanks Herbert.  Your insights are always useful and fun.


Rod

On Wed, 16 Feb 2005, Herbert Poetzl wrote:

> On Tue, Feb 15, 2005 at 09:15:32AM -0800, Roderick A. Anderson wrote:
> > Well that's a pretty sorry excuse for a Subject but the only thing I could 
> > think of.  :-)
> > 
> > Short story.  A client got their Vserver broken into and though it appears
> > I got them cleaned out but I'm still doing some forensics.  There were
> > some files changed ( I don't think they knew it was a Vserver ) and fcheck
> > caught the problem files but I'm not sure if they are even needed.
> 
> hehe ... good that they didn't knew then ...
> 
> > Is there any reason for ifdown, ifup, installkernel, ldconfig, sln, 
> > vhalt, vreboot are needed or should be in a Vserver?  
> 
> the is no use, but also no harm in ifdown/ifup if the 
> vserver does not have the NET_ADMIN capability ...
> ldconfig and sln might be useful inside .. who knows
> but vhalt and vreboot are not used anymore ...
> 
> > This is pretty old kernel ( CTX ) and I think I made a mistake and 
> > created the Vserver from the main server.  
> > I'm also seeing some $VSERVER/dev/hdx?, $VSERVER/dev/log, 
> > $VSERVER/dev/stdout, $VSERVER/dev/ttyo?, and $VSERVER/dev/tty.
> 
> anything more than the following is not needed and might
> (or will) be dangerous if supplied ...
> 
> crw-rw-rw-    1 root     root       1,   7 Apr  6  2003 full
> srw-rw-rw-    1 root     root            0 Feb 16 01:42 log=
> crw-rw-rw-    1 root     root       1,   3 Apr  6  2003 null
> crw-rw-rw-    1 root     root       5,   2 Feb 16 03:07 ptmx
> drwxr-xr-x    2 root     root            0 Feb 16 01:37 pts/
> crw-r--r--    1 root     root       1,   8 Apr  6  2003 random
> crw-rw-rw-    1 root     root       5,   0 Apr  6  2003 tty
> crw-r--r--    1 root     root       1,   9 Apr  6  2003 urandom
> crw-rw-rw-    1 root     root       1,   5 Apr  6  2003 zero
> 
> std* are usually symlinks into /proc so they should be
> fine ...
> 
> > Any pointers or thoughts?
> 
> HTH,
> Herbert
> 
> > TIA,
> > Rod
> > -- 
> >     "Open Source Software - You usually get more than you pay for..."
> >      "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL"
> > 
> > 
> > _______________________________________________
> > Vserver mailing list
> > Vserver@list.linux-vserver.org
> > http://list.linux-vserver.org/mailman/listinfo/vserver
> 

-- 
    "Open Source Software - You usually get more than you pay for..."
     "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL"


_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Reply via email to