Date: Sat, 6 Sep 1997 00:11:28 -0700 (PDT) From: Doug White <dwhite@gdi.uoregon.edu> To: Costa Morris <costa@cortx.com> Cc: questions@FreeBSD.ORG Subject: Re: security check output Message-ID: <Pine.BSF.3.96.970906000944.7701V-100000@localhost> In-Reply-To: <3.0.2.32.19970904100201.00a41470@cortx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 4 Sep 1997, Costa Morris wrote: > i recently received this in a security check output: > > setuid diffs: > 1,67c1,67 > < -r-sr-xr-x 1 root bin 40960 Apr 1 11:24:58 1997 /bin/chio [..] > > -r-sr-xr-x 1 root bin 40960 Apr 1 06:24:58 1997 /bin/chio For some reason all your files have timewarped hours. Did you do some sort of upgrade? You might check /var/log/messages for suspicious logins, as well as `last | less'. > can someone explain to me what happened? was my system compromised? Looks like a filetime change only. > i'm not sure if this is related or not but i am receiving messges like this: > > pid 17280 (mail), uid 1125 on /: file system full > > pid 17288 (mail), uid 1125 on /: file system full > > pid 17288 (mail), uid 1125 on /: file system full Hope these haven't been recent; you might make sure /tmp doesn't have any residual garbage laying around. > > pid 19871 (radiusd), uid 0: exited on signal 11 (core dumped) > > pid 19913 (radiusd), uid 0: exited on signal 11 (core dumped) This happens. Radius isn't a stable as it should be. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major Spam routed to /dev/null by Procmail | Death to Cyberpromo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970906000944.7701V-100000>