I wonder looking at that thread if anyone actually saw or did a serious survey on cracked linux boxes.. etc.. Has there been any serious studies conducted by RH as to the whole security of their distros, recorded events of boxes that were cracked ? In fact is there anyone on the list who ever had his box cracked ? Ric Like usual,thinking is getting me in trouble.. :( On Tue, 29 Apr 2003 14:46:56 -0400 (EDT) "Steven W. Orr" <steveo@xxxxxxxxxxx> wrote: > On 6:32pm, quoth Mike: > > =>Hi > =>I have a horrible feeling that my system may have been compromised > => > =>I have a file libwrap.a (part of tcp_wrappers) > => > =>like this > => > =>?r-x-wxrwt 26977 25716 159071 1969188457 May 4 2031 > =>/usr/lib/libwrap.a > => > =>(in rescue mode the permissions are Br-x-wrwt) > => > =>and rpm -V shows > =>rpm -V tcp_wrappers > =>SM?..UGT /usr/lib/libwrap.a > => > =>This file cant be deleted. > => > =>I have replaced all other files directly. > => > =>So the question is - is it possible to repair this without a full > =>re-install? > => > =>(Running RH9) > You could try and make life a bit easier on yourself: > > rpm -Va > check all your running processes and also run chkconfig --list > Run lsattr and read the chattr man page. > Check out http://www.fiaif.net/ > > --
