Am I compromised?
From: Joe (sfjoe_at_spamcop.net)
Date: 11/29/03
- Next message: ER: "HELP: modprobe: modprobe: Can't locate module char-major-200"
- Previous message: mjt: "Re: Red Hot Linux v9.0 [2 DVDs]. Red Hot Linux v9.0 [3 CDs]. Redhat Enterprise Linux ES v3.0 REPACK [4 CDs]. Mandrake Linux 9.2 [3 CDs] - new !"
- Next in thread: Bit Twister: "Re: Am I compromised?"
- Reply:(deleted message) Bit Twister: "Re: Am I compromised?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 29 Nov 2003 11:36:11 -0800
I'm pretty sure my machine is compromised, but I'm not sure how to
proceed to correct the matter. The other day, chkrootkit reported that
the .bash_history file in /root had zero length. I'm assuming someone
deleted it to cover their tracks.
Unfortunately, I don't know where to proceed. Nothing appears to be out
of place. I downloaded and installed the latest version of chkrootkit and
it shows nothing besides that one anomaly. None of the logs show anything
unusual (that I can see).
Am I paranoid? Any suggestions on how to proceed?
--
"The natural progress of things is for liberty to yield and government to
gain ground"
-- Thomas Jefferson
- Next message: ER: "HELP: modprobe: modprobe: Can't locate module char-major-200"
- Previous message: mjt: "Re: Red Hot Linux v9.0 [2 DVDs]. Red Hot Linux v9.0 [3 CDs]. Redhat Enterprise Linux ES v3.0 REPACK [4 CDs]. Mandrake Linux 9.2 [3 CDs] - new !"
- Next in thread: Bit Twister: "Re: Am I compromised?"
- Reply:(deleted message) Bit Twister: "Re: Am I compromised?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
Loading
