Date:      Sat, 22 Aug 1998 01:56:03 -0400 (EDT)
From:      djv@bedford.net
To:        vagner@vagner.com (George Vagner)
Cc:        djv@bedford.net, vagner@mutsgo.kf7nn.com, questions@FreeBSD.ORG
Subject:   Re: wierd
Message-ID:  <199808220556.BAA06910@lucy.bedford.net>
In-Reply-To: <35DE5168.8DF53FD@vagner.com> from George Vagner at "Aug 22, 98 00:04:40 am"

George Vagner wrote
> there was no access to the console other than myself
> ever.  how could someone install a root kit without
> root access.

Obtain a login as an ordinary user, then exploit a local way
of getting root.

A failed attempt to log in locally, like "login" or "telnet localhost",
might generate such error messages.

I'd look for activity in all system logs around the time in question,
and inspect the password database for alterations.

Of course, such messages can be faked, too.

Dave
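
One way to carry out the password-database inspection suggested in the reply above, as an added example that is not part of the original message. It assumes a known-good copy of the file (from a backup, for instance) is available for comparison; the function name, finding labels and sample accounts are hypothetical.

```shell
#!/bin/sh
# Added example: audit a master.passwd-format file for alterations.
# Record layout: name:password:uid:gid:class:change:expire:gecos:home:shell

# audit_passwd CURRENT [BASELINE]: prints one finding per line, sorted.
audit_passwd() {
    {
        # Checks that need only the current file.
        awk -F: '
            /^#/ || NF == 0 { next }
            NF != 10 { print "MALFORMED line " NR; next }
            # FreeBSD ships root and toor with UID 0; any other is suspect.
            $3 == 0 && $1 != "root" && $1 != "toor" { print "UID0 " $1 }
            $2 == "" { print "EMPTYPW " $1 }
        ' "$1"
        # Record-by-record comparison with a known-good copy, if given.
        # Only account names are printed, never the hashes.
        [ -z "${2:-}" ] || awk -F: -v base="$2" '
            /^#/ || NF == 0 { next }
            FILENAME == base { old[$1] = $0; next }
            { seen[$1] = 1 }
            !($1 in old) { print "ADDED " $1; next }
            old[$1] != $0 { print "CHANGED " $1 }
            END { for (n in old) if (!(n in seen)) print "REMOVED " n }
        ' "$2" "$1"
    } | LC_ALL=C sort
}

# Constructed sample data (placeholder hashes, hypothetical accounts).
sample_dir=$(mktemp -d)
cat > "$sample_dir/baseline" <<'EOF'
root:$1$PLACEHOLDER1:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/bin/sh
dave:$1$PLACEHOLDER2:1001:1001::0:0:Dave:/home/dave:/bin/sh
EOF
cat > "$sample_dir/current" <<'EOF'
root:$1$PLACEHOLDER1:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/bin/sh
dave:$1$PLACEHOLDER3:1001:1001::0:0:Dave:/home/dave:/bin/sh
sysadm::0:0::0:0:System:/:/bin/sh
EOF

audit_passwd "$sample_dir/current" "$sample_dir/baseline"
```

A clean result is only as trustworthy as the baseline and the tools doing the comparison, so on a host suspected of carrying a rootkit both should come from media the intruder could not have written to.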
