Re: fedora 8 hacked?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Markus Kesaromous wrote:
How about installing a well configured firewall?

----------------------------------------
Date: Sat, 26 Apr 2008 12:26:37 -0500
From: rogerheflin@xxxxxxxxx
To: fedora-list@xxxxxxxxxx
Subject: Re: fedora 8 hacked?

tom lee wrote:
On Sat, Apr 26, 2008 at 9:20 AM, Roger Heflin  wrote:

Because, if you keep writing to a corrupted filesystem you can end up
destroying the entire filesystem completely and lose *ALL* of your data and
that is worse.
I agree with you. That is why I think the OS should better off with
reboot "showdown -r -F now"
instead of mounting as read-only. if there is potencial disk problem,
you need to run this command anyway no matter what problems you may
find before rebooting.
If you automatically reboot, you make the problem go away, but don't have any details on what happened (cannot log) so it *WILL* happen again, automatically reboot helps recover from the issue, but results in the loss of all details that could be used to fix the issue.

The problem is that it may or may not crash before it destroys the
filesystem competely, and if the OS is written robustly it should not crash
just because the filesystem tables are corrupted (and Linux has done some
testing with something that puts random data on the filesystem to make sure
that it does not crash in those random corrupted data cases).


From this perspective, I  think microsoft way of crasing is a better

design. at least you know some wrong right away and reboot the
computer automatically can get it fixed.

That was not their design, MS tends to try to work around errors rather than
report the errors, so if then you get an error, it tries to cope and then
you get a completely unrelated cryptic error that really tells you nothing.
If if the crash said nothing useful to identify the failing component is it
useless, you have no idea what to fix, just crashing tells someone nothing.

If you had checked dmesg there should have been a clear error indicating
what happened, if all of the partitions on the filesystem were RO then I
would suspect that the disk itself quit talking, next time make sure to
check dmesg and see what it says.
ok. so it is too late to check since I already rebooted the OS?
Yeap, too late, if the root filesystem goes RO it does not leave any tracks except in dmesg.

I have seen the RO remount a number of times on lots of different HW/kernel/dist combinations, it is can be any number of issues, from a real hardware issue, a hardware driver issue, a filesystem driver issue, a bios issue, a main kernel issue, ... it has a lot of causes.

If it happens again, type "dmesg" and if possible save it someplace that it not readonly (type sync a few times to make sure it gets saved-or put it on a flash driver and if you have another device verify you have it), and then reboot.

                                   Roger

--

Markus,

Please do Not top-post.

Installing a well configured firewall does not in any way change his problem, it is unlikely to be a hacking issue, it is almost certainly a real problem of some sort.

People that break in to machine won't do anything (for the most part) to make the machine obviously wrong (they want to hijack it for their own usage, or completely destroy it), and breaking it to and and doing something obvious will cause them to be more likely to get caught. The RO has no point for a hacker, either they will "rm -r" your filesystem or do something else to cause major damage, or they will quietly use your cpu/diskspace/network connection for their own usages. It is not that easy to accidently cause a RO mount and it is rather pointless to do on purpose, so it is a lot more likely that it was a hardware/software failure.


                             Roger

                           Roger

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux