Re: lug-bg: Is it a trojan again?
- Subject: Re: lug-bg: Is it a trojan again?
- From: mano@xxxxxxxxxxxxx (Marian Popov)
- Date: Fri, 18 May 2001 12:21:36 +0300 (EEST)
Go read a little yourself.
First, as can clearly be seen, I logged in as root, which gives me
the full right to do whatever I want.
Second, I have always run traceroute and ping as a user.
Third, it turned out to be a trojan, or more precisely an exploit for suidperl.
Many of my basic commands had been trojaned, and I also found various things in
/dev/, such as sniffers, etc. There were also processes running
that were not visible with the trojaned ps.
Now I have fixed everything, except that I cannot run ping and traceroute as a
user. Can someone tell me how to fix them? They do not have +s.
mano
On Thu, 17 May 2001, Todor Belev wrote:
> Wow,
> calm down, lad - why are you so worried?
> Only the ROOT user can run traceroute (for
> some time now).
> CHMOD will give you an error because you are trying to touch
> a file that is not owned by the user you logged in as.
> And it is entirely normal that you cannot read the /var/log
> files, because again you are not ROOT.
>
> Recommendation: go read some System Administration Guide
>
> todorin
>
>
> >-------- Original message --------
> >From: <owner-lug-bg@xxxxxxxxxxxxxxxxxx>
> >Subject: lug-bg: Is it a trojan again?
> >To: <lug-bg@xxxxxxxxxxxxxxxxxx>
> >Sent on: 17.05.2001 13:26:51
> >-----------------------------------
> >
> >root@gateway:/bin# ls
> >Segmentation fault
> >
> >root@gateway:/bin# chmod -x ls
> >chmod: ls: Operation not permitted
> >
> >root@gateway:/home/mano# cp ls /bin/
> >cp: cannot create regular file `/bin/ls': Permission denied
> >
> >And that is not all.
> >I log in to the machine remotely as a user and I cannot run
> >traceroute
> >mano@gateway:~$ traceroute dir.bg
> >traceroute: icmp socket: Operation not permitted
> >
> >I noticed that /var/log/messages also gives no
> >information about what is going on,
> >because I tried telnet from another place, but nothing at all
> >is recorded anywhere that
> >I tried anything.
> >/etc/syslog is also as silent as a stump.
> >
> >What could this be, and is there a fix?
> >Do I have to ditch Slackware and move to some
> >version of BSD or another
> >UN*X?
> >
> >mano
> >
> >
> >==-rw-r--r--=============================
> >== Pazardjik.com System Administrator ==
> >== GSM: +359 88 975753 ==
> >== e-mail: mano@xxxxxxxxxxxxx ==
> >=========================================
> >
> >
> >===========================================================================
> >A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> >http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
> >
==-rw-r--r--=============================
== Pazardjik.com System Administrator ==
== GSM: +359 88 975753 ==
== e-mail: mano@xxxxxxxxxxxxx ==
=========================================
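
The message above mentions processes that the trojaned ps did not show. As an added example (not part of the original message), this is a cross-view check that compares the PIDs listed in /proc with what the installed ps reports. It assumes the Python interpreter and the kernel are themselves trusted and that only user-land tools were replaced; all function names are hypothetical.

```python
import os
import subprocess

def pids_from_proc(proc_root="/proc"):
    """PIDs read directly from the /proc directory listing, without ps."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def pids_from_ps_output(text):
    """PIDs parsed from `ps -e -o pid=` output (one PID per line)."""
    return {int(tok) for tok in text.split() if tok.isdigit()}

def hidden_pids(before, reported, after):
    """PIDs in /proc both before and after ps ran, yet absent from ps.

    Requiring both snapshots drops processes that merely started or
    exited while ps was running, which would otherwise be false alarms.
    """
    return sorted((before & after) - reported)

def exe_of(pid, proc_root="/proc"):
    """Best-effort path of the binary behind a PID ('?' if unreadable)."""
    try:
        return os.readlink(os.path.join(proc_root, str(pid), "exe"))
    except OSError:
        return "?"

def scan(ps_cmd=("ps", "-e", "-o", "pid=")):
    """Run the installed ps between two /proc snapshots and compare."""
    before = pids_from_proc()
    out = subprocess.run(ps_cmd, capture_output=True, text=True,
                         check=True).stdout
    after = pids_from_proc()
    reported = pids_from_ps_output(out)
    return [(pid, exe_of(pid)) for pid in hidden_pids(before, reported, after)]

if __name__ == "__main__":
    # Constructed sample: 4242 is in both /proc snapshots but not in ps output;
    # 50 exited and 60 started during the run, so neither is flagged.
    sample_ps = "    1\n    2\n   60\n"
    print(hidden_pids({1, 2, 50, 4242}, pids_from_ps_output(sample_ps),
                      {1, 2, 60, 4242}))
    for pid, exe in scan():
        print(f"PID {pid} ({exe}) is in /proc but not reported by ps")
```

An empty result from `scan()` only means the installed ps agrees with /proc; it says nothing about the other replaced commands.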