Re: brute force ssh attack
From: M.Rudra (dr.rudra_at_gmail.com)
Date: 04/29/05
- Previous message: Eric Tanguy: "Bluetooth"
- In reply to: Thomas Cameron: "Re: brute force ssh attack"
- Next in thread: ne...: "Re: brute force ssh attack"
- Reply: ne...: "Re: brute force ssh attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 29 Apr 2005 17:27:58 -0400 To: For users of Fedora Core releases <fedora-list@redhat.com>
On 4/27/05, Thomas Cameron <thomas.cameron@camerontech.com> wrote:
> > something.) Also check in /tmp and /var. And any luck with the
> > .bash_history? (For both the users and for root....)
>
> Especially /var/tmp - that's a common place for rootkits to live.
a doubt here ,
i checked /tmp and found
srwxrwxrwx 1 wnn wnn 0 Apr 27 22:30 jd_sockV4
why does this file (socket) have different owner and user, while all
others have either root or userabc.
drwxrwxrwt 2 xfs xfs 4096 Apr 29 22:30 .font-unix
this hidden file also has different permission and different owner and
user, while others have either root or userabc.
xfs and wnn ? are not users created by me so where did they come from ?
Can someone please clear this silly doubt.
-- MR -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Eric Tanguy: "Bluetooth"
- In reply to: Thomas Cameron: "Re: brute force ssh attack"
- Next in thread: ne...: "Re: brute force ssh attack"
- Reply: ne...: "Re: brute force ssh attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
