Re: Hacked?
From: Blaine Kahle (goatee_at_binary.net)
Date: 05/11/03
- Previous message: Tim Baur: "Re: md5 hash request:"
- In reply to: Brett Glass: "Re: Hacked?"
- Next in thread: Mikko Työläjärvi: "Re: Hacked?"
- Reply: Mikko Työläjärvi: "Re: Hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 11 May 2003 13:03:21 -0500 To: Brett Glass <brett@lariat.org>
On Fri, May 09, 2003 at 11:01:21AM -0600, Brett Glass wrote:
> At 08:25 AM 5/9/2003, Bjoern A. Zeeb wrote:
>
> >this asumes that truss is ok ;-) perhaps take the truss from your
> >other 4.7 machine ...
>
> Yes, you do have to be careful of this. I recently investigated a
> machine that had been "owned," and when truss was applied to some
> commands (e.g. netstat) it produced no output.
I'm showing that truss'ing netstat produces no output on several
versions of FreeBSD that I have installed. Is this correct behavior? The
truss and netstat binaries both check out when compared to the listings
at http://www.knowngoods.org/
-- Blaine Kahle blaine@binary.net 0x178AA0E0 _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Tim Baur: "Re: md5 hash request:"
- In reply to: Brett Glass: "Re: Hacked?"
- Next in thread: Mikko Työläjärvi: "Re: Hacked?"
- Reply: Mikko Työläjärvi: "Re: Hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
