Displaying 20 results from an estimated 4000 matches similar to: "Kernel modules listing"
2004 Feb 03
1
Re: Possible compromise ?
that only works when you are presuming that the host was not hacked already
because i would clear those logs when i hacked a system :)
but indeed it's a try,
If you remain unsure, it is best to reinstall the system to be sure that a
fresh
and newly updated (yeah update it when installed :)) system is not
compromised at that
time..
loads of work, but it gives you some relief to know that
2003 Jul 04
2
FW: who am i
Also, try doing 'who /etc' or any other directory.
-----Original Message-----
From: Mike Jakubik [mailto:mikej@trigger.net]
Sent: Friday, July 04, 2003 1:23 PM
To: Stable
Subject: RE: who am i
root@ns1:~# who am i
root ttyp1 Jul 4 13:20 (wettoast.org)
root@ns1:~# login
login: wettoast
Password:
Last login: Fri Jul 4 09:48:25 on ttyp1
Copyright (c) 1980, 1983, 1986,
2004 Feb 03
0
Re: Possible compromise ?
Yeah but if you are uncertain about your own box my VERY STRONG advise
is that you reinstall. IF your host is indeed owned, then you are a lot
further away then just reinstalling, god knows what issues can arrise
when a cracker exploits the system to do bogus tasks..
Then i say: Too bad for your time, sorry but it's like that
--
Kind regards,
Remko Lodder
Elvandar.org/DSINet.org
2006 Jan 11
5
FreeBSD Security Advisory FreeBSD-SA-06:01.texindex
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:01.texindex Security Advisory
The FreeBSD Project
Topic: Texindex temporary file privilege escalation
Category: contrib
Module: texinfo
2018 Jan 30
4
logging in
This is.... odd.
We're seeing a *lot* of
sshd[8400]: Timeout, client not responding.
So I'm trying to find out whose client is having issues. Trying to figure
that, after processes are gone, I tried looking in lastlog, which is where
it gets odd. lastlog shows root coming in, and it shows a security account
coming in... years ago.
I see one of our users logging in a goodly number of
2010 Jun 03
10
[Bug 1774] New: wtmp and lastlog on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1774
Summary: wtmp and lastlog on AIX
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: defrayable at
2000 Mar 31
4
anomalous wtmp logging bug
I've noticed rather strange wtmp logging behavior in sshd. Can anyone
confirm or solve the following:
Once a user authenticates themself to sshd, sshd among other things
records the login in the wtmp, which `last` reads. However, sshd logs
hostnames which are longer than 16 characters instead of IPs like normal
programs would. As a result, I have useless entries such as:
tempest
2000 Jun 12
1
AIX and 2.1.1p1
The new login code works fine with AIX 4.3. Two nits, though. If
--disable-lastlog is defined, the code still tries to slog through wtmp
to determine the last login time. Is this a bug or a feature? If a
feature, change the DISABLE_LASTLOG test below to WITH_AIXAUTHENTICATE.
Also, a small typo in configure.in, plus an AIX tweak.
--- configure.in.orig Thu Jun 8 21:58:35 2000
+++ configure.in Mon
2002 Apr 05
2
Bug in all versions of OpenSSH
Hi,
I found a bug in all versions of SSH. I'll give you an example when the
bug occurs. When I connect to a remote computer using 'ssh
user at host.somewhere.in.th.net.com /bin/bash' (or /bin/tcsh) I log into
the remote computer and SSHD doesn't log this in wtmp,utmp,secure and
lastlog. It's *only* visible in /var/log/messages. That's all I want to
tell You. I hope
1999 Dec 27
2
Suggestion: login.c->record_login()
Hi,
A lot of the problems with openssh portability so far appear to be with
the login record functionality, i.e. lastlog support, and variations on
handling utmp vs. utmpx etc. Looking at for-profit SSH 1.2.27, login.c
is rather embarassing spaghetti code, so laden with '#ifdef's it's
almost impossible to read.
OpenSSH's code isn't anything like that, but then it doesn't
2004 Feb 28
3
Darkstat
Hi all,
please, tell me about security of Darkstat. Is it good idea to install it on
firewall/gateway ?
I'd like to measure our company traffic, but I do not have Apache running on
the gateway. How could I redirect Darkstat's output to web-server inside
company ?
Or is there some other tool, which can measure in/out traffic and send
output to another machine ? I know MRTG, but it uses
2000 Jun 13
2
Openssh-2.1.1p1 and solaris 7/8
Hello,
I just installed the above openssh onto a Sun Solaris 7 and Solaris 8 system.
No problem with that. However, I now seem to get some rubbish processed when
I login with slogin. An example:
Last login: Tue Jun 13 12:31:27 2000 from jhorne.csd.plymo:tJ`
^[[?1;2c
Telnet logs in okay, but just shows 'Last login...jhorne.csd.plymo'.
This seems to get passed to the shell, which it of
2000 Apr 24
2
OpenSSH 1.2.3, HPUX 10.20 [TCB]
Hello,
already checked the Mailinglist archive for HPUX Problems, but
havent found exact this:
./configure --prefix=/opt --without-pam --with-ssl-dir=/opt/OpenSSL
--with-lastlog=/var/adm/wtmp --with-egd-pool=/dev/entropy
--with-tcp-wrappers --with-pid-dir=/var/run --sysconfdir=/etc/ssh
and get after a make:
gcc -O2 -Wall -D_HPUX_SOURCE -I/usr/local/include -I/opt/include
2001 May 07
5
SSH and forced wtmp entries ...
Hi all!
wtmp entries are generated when loggin into a system without a command,
e.g. "ssh -l user system". When using an additional command executed by
ssh on the "other side", no wtmp entry will be generated. So the command
"ssh -l user system /bin/csh" will not generate a wtmp entry but the
user is logged in ... I have the problem right know. The users are starting
2005 Jun 16
2
last command - strange entries?
Greetings,
I am seeing strange entries when i perform "last -20" for example.
Here's a sample output becuase I can not seem to make any sense out of
this in the last two days and can't find any information online. Any
help is appreciated.
0 F=?Bttyp Wed Dec 31 16:00 still logged in
0 6??Bttyp Wed Dec 31 16:00
2004 Jun 12
2
Hacked or not appendice
Hi all again,
I must add, there are no log entries after June 9, 2004. "LKM" message first
apeared June 8, 2004, after this day, there is nothing in /var/messages,
/var/security .....
How could I look for suspicious LKM module ? How could I find it, if the
machine is hacked and I can not believe "ls", "find" etc. commands ?
Peter Rosa
2003 Oct 28
4
AIX patch for openssh-3.7.1p2
There are a couple of bugs in the openssh-3.7.1p2. The aix_setauthdb
function does not work with other types of authentication such as AFS/DFS.
The loginfailed test in configure is not correct. Also, AIX can use the
wtmp logging which I added in configure. Attached is the patch.
Thanks,
Matt Richards
-------------- next part --------------
*** openssh-3.7.1p2/openbsd-compat/port-aix.c Mon Jul 14
2004 May 21
12
Hacked or not ?
Hi,
I have a 4.9-STABLE FreeBSD box apparently hacked!
Yesterday I ran chkrootkit-0.41 and I don't like some of the outputs.
Those are:
chfn ... INFECTED
chsh ... INFECTED
date ... INFECTED
ls ... INFECTED
ps ... INFECTED
But all the rest is NOT PROMISC, NOT INFECTED, NOTHING FOUND, NOTHING DELETED, or NOTHING DETECTED.
I know by the FreeBSD-Security archives that
2015 Nov 18
2
[Bug 2499] New: It would be nice to have a tool to manage ssh connections
https://bugzilla.mindrot.org/show_bug.cgi?id=2499
Bug ID: 2499
Summary: It would be nice to have a tool to manage ssh
connections
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
2005 Jan 24
4
ftp problem
Hi all,
I'm just setup a new freebsd to be a ftp server.
ftp-ing from localhost was success, but when i was
trying to ftp from other ip, got result "Connection
closed by remote host."
Kernel already configure with firewall (with options
FIREWALL_DEFAULT_TO_ACCEPT). rc.conf file already
contain "firewall_type=open".
What could be the problem? I can seem to solve this