At 10:42 23/04/01, you wrote:
William, The one I listed below is one I would worry about. > ..5..... /bin/login <==== this looks bad. Normally you would have M5 or MD5....../bin/login instead of ....5.... This means its been changed. This is VERY VERY bad. Login is one of the first things that an intruder will change. Its usually part of a rootkit designed to hide their intrusions and logons. They can be logged on while you are and you wouldn't even see them (that's if they do it correctly).
I am getting this output on two Qube2's in our office- one which is not even connected to the net. Can you confirm that this means our systems have been compromised?
[admin@ds2 admin]$ rpm -V util-linux Unsatisfied dependencies for util-linux-2.7-5C4: /usr/bin/perl5 ..5..... /bin/login .M5..... /usr/bin/chfn .M5..... /usr/bin/chsh .M5..... /usr/bin/newgrp .M5..... /usr/bin/passwd .M...... /usr/bin/write