Re: newbie with www user security problem

• Previous message: Ken Hawkins: "Re: newbie with www user security problem"
• In reply to: Ken Hawkins: "Re: newbie with www user security problem"
• Next in thread: Arne : "Re: newbie with www user security problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 11 Aug 2005 16:50:23 +0100
To: Ken Hawkins <ken@rosewoodblues.com>

Quoth Ken Hawkins on Thu, Aug 11, 2005 at 11:32:44 -0400
> The box is secure that much i have found out. the only problems have
> been with this email spamming. nothing in the tmp dirs out of the
> ordinary and no missing files running scripts etc. I have changed
> everyone passwords on the box. *'d the www password, ensured there is
> no shell with the www user, etc.

Have you run chkrootkit on it?
 
> i am in the process of upgrading the ports now and there are problems
> (of course). the ports seem to have been mangled as the listing in /
> var/db/ports does not match what i KNOW is running on the box. The
> person i have inherited this from manually deleted from the /var/db/
> ports to get some of the applications to re-install! gotta love that!

ICK! Make sure you database is fine otherwise, you'll get into no end
of trouble.
 
> well here i come port fix hell! This is a production box and can't be
> taken off line as of this moment so i am going to have to attempt on
> the fly fixing / upgrading of the ports. i would love to wipe it but
> it is just not a possibility right now.

Oh dear. How about living it as is -- minus the spam emailer -- and
rebuilding another one to replace it?
 

-- 
yann@kierun.org                  -=*=-                      www.kierun.org
    PGP:   009D 7287 C4A7 FD4F 1680  06E4 F751 7006 9DE2 6318

• application/pgp-signature attachment: stored

• Previous message: Ken Hawkins: "Re: newbie with www user security problem"
• In reply to: Ken Hawkins: "Re: newbie with www user security problem"
• Next in thread: Arne : "Re: newbie with www user security problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: portupgrade O(n^m)? ... the whole set of ports in a couple of seconds. ... Portmaster in no way solves this problem, ... I'm not sure what you mean by "nor helps upgrading in a reasonable ... of dependency graphing the entire ports tree. ... (freebsd-hackers) Re: Why does portsdb -Uu run so long? ... and the other one for ports. ... portsnap, regardless of how fast it is. ... There's no reason to do a buildworld sequence everytime you upgrade the ports ... upgrading with portugrade -arR, I'll be done and using the system. ... (freebsd-questions) Re: Downgrade a port ... On Sunday 11 December 2005 11:55, Robert Fitzpatrick wrote: ... > since upgrading several packages. ... Of all the packages that were upgraded ... All ports were upgraded via portupgrade, ... (freebsd-questions) Re: Updating ports ... The main difference that is relevant to me personally is that portmanager ... It rebuilds ports in such a way that the result is, in theory, supposed to be ... I find this is the most useful upgrading method. ... dependency information, etc). ... (freebsd-questions) Re: Using portupgrade ... > What are some considerations to make before upgrading the ports? ... > upgrading them overwrite the existing config files? ... you've reviewed any changes to the Makefiles of the ports in question, ... (freebsd-questions)