On 04/02/2011 10:23 PM, Steven Stern wrote: > Both of my F14 systems had a file, /dev/ull, created during updates run > today. Does anyone else have /dev/ull? (note, not "null" but "ull".) > > OSSEC got very excited about it. > > Received From: mooch->rootcheck > Rule: 510 fired (level 7) -> "Host-based anomaly detection event (rootcheck)." > Portion of the log(s): > > File '/dev/ull' present on /dev. Possible hidden file. > > > Based on the timestamp, it was one of these updates: Apr 02 10:20:43 Updated: phonon-backend-xine-4.4.4-3.fc14.i686 Apr 02 10:20:46 Updated: phonon-4.4.4-2.fc14.i686 Apr 02 10:20:53 Updated: 1:gdm-2.32.1-2.fc14.i686 Apr 02 10:20:54 Updated: sip-4.12.1-4.fc14.i686 Apr 02 10:20:58 Updated: PyQt4-4.8.3-2.fc14.i686 Apr 02 10:20:59 Updated: 1:gdm-user-switch-applet-2.32.1-2.fc14.i686 Apr 02 10:21:00 Updated: 1:gdm-plugin-fingerprint-2.32.1-2.fc14.i686 -- -- Steve -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
