[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Hacked?? Help!!

Subject: Re: [cobalt-users] Hacked?? Help!!
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Wed Apr 18 14:48:10 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

"Wayne Sagar" <wsagar@xxxxxxxx>  wrote
> As mentioned in my last message, I noticed a telnet connection when doing a
> netstat.. doing a netstat -l brings me the "normal" listening stuff httpd
> and the mails stuff and the legato backup stuff.. this one worries me..
> 
> Active UNIX domain sockets (only servers)
> Proto RefCnt Flags       Type       State         I-Node Path
> unix  0      [ ACC ]     STREAM     LISTENING     295    /tmp/.s.PGSQL.5583
> 
> The /tmp/.s.PGSQL.5583 is an empty file sitting in the tmp directory and it
> was created at about the same time I noticed the telnet log in (if you have
> not read he previous message, telnet is turned off on this server) and I
> have never installed SQL on this machine..
<snip>
The .s.PGSQL.5583 is normal. Cobalt uses postgreSQL, so don't let that
worry you. These files are really in /home/tmp, /tmp is a ln
mysql and php also use this directory.
So, I think that is normal.
Maybe it was active monitor, that was connected, although I think that
normally is in the log-files.
Gerald

References:
- [cobalt-users] Hacked?? Help!!
  - From: Wayne Sagar

Prev by Date: Re: [cobalt-users] Hacked?? Telnet Connected But Not Activated?
Next by Date: [cobalt-users] RaQ vs Something Else
Previous by thread: [cobalt-users] Hacked?? Help!!
Next by thread: Re: [cobalt-users] Hacked?? Help!!

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index