From: Andrew Langdon-Davies <ald2@arrakis.es>
To: linux-newbie@vger.kernel.org
Subject: Re: su fails
Date: Tue, 15 Jul 2003 12:20:33 +0200 [thread overview]
Message-ID: <oprsckcjqyhmmv6x@smtp.arrakis.es> (raw)
In-Reply-To: <3F133105.7010309@bcgreen.com>
On Mon, 14 Jul 2003 15:39:01 -0700, Stephen Samuel <samuel@bcgreen.com>
wrote:
> It sounds to me like you've been rooted, and somebody installed
> a trojan. I'd do a full hunt for signs of a rootkit. When in
> doubt (especially if there are ony a few people on your system),
> I'd just load a new OS and migrate the user data over to it.
Now you've got me worried. What would signs of a rootkit be? I thought
reinstalling shadow had put everything right, but there are still hiccups.
For example, although I can now su again --that is, it now recognises the
password-- if I give the wrong password I still get just 'sorry'. Lilo
failed to load again and I have had to reinstall it. And I get a very
strange message in my user .xsession-errors file. It says:
'stderr is not a tty - where are you?'
Do I assume the worst?
For what it's worth, GRC reports most ports as stealthed and 113 IDENT and
5000 UPnP as closed.
TIA,
Andrew
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs
next prev parent reply other threads:[~2003-07-15 10:20 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-14 11:04 su fails Andrew Langdon-Davies
2003-07-14 15:15 ` Ray Olszewski
[not found] ` <oprsa696n7hmmv6x@smtp.arrakis.es>
2003-07-14 17:52 ` Andrew Langdon-Davies
2003-07-14 18:23 ` pa3gcu
2003-07-14 18:48 ` Andrew Langdon-Davies
[not found] ` <3F133105.7010309@bcgreen.com>
2003-07-15 10:20 ` Andrew Langdon-Davies [this message]
2003-07-15 15:13 ` Ray Olszewski
2003-07-15 16:38 ` Andrew Langdon-Davies
2003-07-15 17:06 ` Alan Bort
2003-07-15 17:26 ` Mr. James W. Laferriere
2003-07-15 18:20 ` Andrew Langdon-Davies
2003-07-15 19:37 ` Ray Olszewski
[not found] ` <oprseazgwzhmmv6x@smtp.arrakis.es>
2003-07-16 8:55 ` Andrew Langdon-Davies
2003-07-15 17:29 ` Ray Olszewski
2003-07-17 1:11 ` Stephen Samuel
2003-07-17 10:55 ` Andrew Langdon-Davies
2003-07-15 18:08 beolach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=oprsckcjqyhmmv6x@smtp.arrakis.es \
--to=ald2@arrakis.es \
--cc=linux-newbie@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.