On Sunday 28 August 2005 22:43, Webmaster wrote: > We have not been able to determine how a hacker was eble to crack one of > our hosts > and deposit binaries on all the hosts in our network (all hosts are FC3). > Modified: > "/usr/bin/411toppm" >.. > "/usr/bin/zeisstopnm" I fear you have been cracked by that dastardly evil cracker known to his IRC buddies as "yum". At a cursory glance, all of these listed apps seem to belong to the netpbm package. That was updated by Redhat a week or two ago... if you did a yum update or you run the yum autoupdate service, then that will explain the mysterious changes to your netpbm-related apps.... it's just an update. tail /var/log/yum.log rpm -q --last netpbm might help put your mind at rest on this troublesome "break-in". -Andy
Attachment:
pgpKqMOFU914i.pgp
Description: PGP signature
