Date: Thu, 30 Jan 1997 03:18:16 -0500 (EST) From: ## Troy Settle <rewt@i-plus.net> To: freebsd-questions@freebsd.org Subject: My security check output (fwd) Message-ID: <Pine.BSF.3.91.970130031456.5227A-100000@radford.i-plus.net>
next in thread | raw e-mail | index | archive | help
Can anyone explain this to me? I'm confused as to what the differences are in these files. have I been hacked? I don't see anything suspicious in my logs, or anywhere else. but, these suid files show up as being different. Am I missing something? ugh... it's too damn early in the morning... (late at night? who knows) Troy Settle <st@i-Plus.net> Network Administrator i-Plus Internet Services http://www.i-Plus.net ---------- Forwarded message ---------- Date: Thu, 30 Jan 1997 02:00:02 -0500 (EST) From: Charlie Root <root@i-plus.net> Subject: Radford security check output checking setuid files and devices: find: /home/.1/pitlord/www/sounds/built this city.mid: illegal path Radford setuid diffs: 77,80d80 < -r-xr-sr-x 1 bin kmem 12288 Nov 24 18:11:24 1996 /usr/sbin/slstat < -r-xr-sr-x 2 bin kmem 20480 Nov 24 18:11:14 1996 /usr/sbin/swapinfo < -r-sr-xr-x 1 root bin 20480 Nov 24 18:11:31 1996 /usr/sbin/timedc < -r-sr-xr-x 1 root bin 16384 Nov 24 18:11:31 1996 /usr/sbin/traceroute 88a89,92 > -r-xr-sr-x 1 bin kmem 12288 Nov 24 18:11:24 1996 /usr/sbin/slstat > -r-xr-sr-x 2 bin kmem 20480 Nov 24 18:11:14 1996 /usr/sbin/swapinfo > -r-sr-xr-x 1 root bin 20480 Nov 24 18:11:31 1996 /usr/sbin/timedc > -r-sr-xr-x 1 root bin 16384 Nov 24 18:11:31 1996 /usr/sbin/traceroute checking for uids of 0: root 0 toor 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970130031456.5227A-100000>