Re: Worried about having been hacked

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,
I've checked this out and that was happening, but I've just had this
reported by rkhunter;

Warning: Package manager verification has failed:
         File: /bin/rpm
         Try running the command 'prelink /bin/rpm' to resolve
dependency errors.
         The file hash value has changed
         The file size has changed
Warning: Package manager verification has failed:
         File: /usr/bin/passwd
         Try running the command 'prelink /usr/bin/passwd' to resolve
dependency errors.
         The file hash value has changed
         The file size has changed
Warning: Package manager verification has failed:
         File: /usr/bin/perl
         Try running the command 'prelink /usr/bin/perl' to resolve
dependency errors.
         The file hash value has changed
         The file size has changed
Warning: Package manager verification has failed:
         File: /sbin/chkconfig
         Try running the command 'prelink /sbin/chkconfig' to resolve
dependency errors.
         The file hash value has changed
         The file size has changed

I'm not entirely sure what these errors mean though, have these files
been trojan'ed.

Best regards
James

Rick Stevens wrote:
> Arthur Pemberton wrote:
>> On Mon, Jul 6, 2009 at 12:01 PM, James
>> Allsopp<jamesaallsopp@xxxxxxxxxxxxxx> wrote:
>>> Hi,
>>> I've a Fedora core 10 system which spends a lot of the time connected
>>> directly to the internet, with a static ip. The only external ports open
>>> are 80 and 22. SSH only allows access to one non-root user via an rsa
>>> key. I'm using an IPtables script from
>>>
>>>> http://iptables-tutorial.frozentux.net/iptables-tutorial.html
>>> However, I normally get my logs e-mailed to an external account and
>>> they're not getting to me. I'm not sure if they've not been sent or my
>>> logs are being altered and hidden. How do I diagnose this problem, and
>>> in general look for security incursions. I'm thinking of leaving
>>> wireshark running on the external ethernet card and see what happens.
>>>
>>> Thanks, any advice much appreciated.
>>> Jim
>>>
>>
>> Have you checked your Spam folder on the receiving email account?
>> Email sent through the mail command tends to get rated very poorly by
>> spam filters.
> 
> You might check the /var/spool/clientmqueue directory to see if the
> mail's been spooled but not sent out and look at the /var/log/maillog
> file to verify the mail was indeed sent to the external account.
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer                      ricks@xxxxxxxx -
> - AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
> -                                                                    -
> -     I was married by a judge.  I should have asked for a jury.     -
> -                                                   -- Groucho Marx  -
> ----------------------------------------------------------------------
> 

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux