Re: brute force ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: brute force ssh attack
From: "M.Rudra" <dr.rudra@xxxxxxxxx>
Date: Fri, 29 Apr 2005 17:27:58 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ZztnfPrdkvge6F6kSdeL1r/jR1QwlEyuBEhT5KX/DangxvKHVhxRv5mz7vum7OKD9Ro82svtMYThqpzDOrL54Ao0BsfGimAahFW5OZ8ulSyDmD7/8qY6YiQD27zn7ibjpHxaGGpCedec2F9MK4k+weapSozdyRa07PXEp1kwWHw=
In-reply-to: <00c501c54b2e$61488a90$fd00a8c0@thomas>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <00c501c54b2e$61488a90$fd00a8c0@thomas>
Reply-to: "M.Rudra" <dr.rudra@xxxxxxxxx>, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On 4/27/05, Thomas Cameron <thomas.cameron@xxxxxxxxxxxxxxx> wrote:
> > something.) Also check in /tmp and /var. And any luck with the
> > .bash_history? (For both the users and for root....)
> 
> Especially /var/tmp - that's a common place for rootkits to live.

a doubt  here , 

i checked /tmp and found 

srwxrwxrwx    1 wnn      wnn             0 Apr 27 22:30 jd_sockV4 
why does this file (socket) have different owner and user, while all
others have either root or  userabc.

drwxrwxrwt    2 xfs      xfs          4096 Apr 29 22:30 .font-unix
this hidden file also has different permission and different owner and
user, while others have either root or  userabc.

xfs and wnn ? are not users created by me so where did they come from ?

Can someone please clear this silly doubt. 
-- 
MR

Follow-Ups:
- wnn user (was Re: brute force ssh attack)
  - From: Joel
- Re: brute force ssh attack
  - From: ne...

References:
- Re: brute force ssh attack
  - From: Daniel Kirsten
- Re: brute force ssh attack
  - From: Matthew Miller
- Re: brute force ssh attack
  - From: Thomas Cameron

Prev by Date: Bluetooth
Next by Date: floppy/hard-drive FC3 installation
Previous by thread: Re: brute force ssh attack
Next by thread: Re: brute force ssh attack
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]