[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Cracker tools found on a RaQ 4

Subject: Re: [cobalt-users] Cracker tools found on a RaQ 4
From: Bruce Timberlake <bruce@xxxxxxxxxx>
Date: Fri Feb 21 17:35:01 2003
Organization: BRTNet.org
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Some interesting but not worrying results come back if you have
> Urchin installed, some poor QA there on an otherwise awesome
> product

Yeah, it's not meant to be definitive, just a possible sign of 
problems if you have files that nobody owns on the system.

> > Also you might want to run a check for all setuid files and see
> > if anything suspicious appears:
> >
> > find / -type f -perm +6000 -exec ls -lF {} \;
>
> I suppose it depends what a standard clean built RaQ shows - I get
> the following on a prod box - the main additions are openwebmail
> and Miva i presume the /usr stuff is correct.

Yep.  Again, the "find..." is just a way to quickly scan and see if 
anything doesn't "look right"

- -- 
Bruce Timberlake

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+VtMdvLA2hUZ9kgwRAsZsAJ968JBsGblNR+TZaueaD6Z1LHy1MwCfST9B
M5yQu29j2kg4eMQD8bMu+GQ=
=MroC
-----END PGP SIGNATURE-----

References:
- RE: [cobalt-users] Cracker tools found on a RaQ 4
  - From: Gavin Nelmes-Crocker

Prev by Date: Re: [cobalt-users] Crontab Editing Question
Next by Date: [cobalt-users] MSN problem
Previous by thread: RE: [cobalt-users] Cracker tools found on a RaQ 4
Next by thread: [cobalt-users] MSN problem

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index