|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: I've been hit with ksyslogd
From: Marco Presi (mpresi
FUB.IT)Date: Thu Oct 12 2000 - 13:58:46 CDT
- Next message: Guilherme Mesquita: "Re: nmap"
- Previous message: hei ke: "TCFS vs. CFS"
- In reply to: Jan Muenther: "Re: I've been hit with ksyslogd"
- Next in thread: Daniel Harrison: "Re: I've been hit with ksyslogd"
- Next in thread: Daniel P. Zepeda: "Re: I've been hit with ksyslogd"
- Next in thread: John Sage: "Re: IPChains newbie and DNS queries"
- Reply: Marco Presi: "Re: I've been hit with ksyslogd"
- Reply: Daniel Harrison: "Re: I've been hit with ksyslogd"
- Reply: mute: "Re: I've been hit with ksyslogd"
- Reply: Infrastructure Dept.: "Re: I've been hit with ksyslogd"
- Reply: Chris Jones: "Re: I've been hit with ksyslogd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 12 Oct 2000, Jan Muenther wrote:
> It's the kernel syslog daemon. I would consider disabling it a
> pretty bad idea.
> --
> Radio HUNDERT,6 Medien GmbH Berlin
> - EDV -
> j.muentherradio.hundert6.de
>
Well, I'm not sure it's kernel daemon.
The file /usr/sbin/ksyslogd is not owned by any package of my RH6.2, and
no other pc on which i have RH6.2 contains that file.
Moreover the inittab and ksyslogd have the same modify and creation
time: 27th of September at 23:00 when I'm not in the lab...
I have the hacker access logged at the same time...
Maybe he has named his daemon like the logger.
In all my pc I run Rh6.2 but none of them contains the line:
ld:2345:respawn:/usr/sbin/ksyslogd
The kernel daemon on my machines is named klogd.
--Ciao Ciao
Marco
------------------------------------------------------------------------------- Don't miss'it http://www.linuxmeeting.org ....where all the penguins go!! Rome, November 10th-11th, 2000 -------------------------------------------------------------------------------
- Next message: Guilherme Mesquita: "Re: nmap"
- Previous message: hei ke: "TCFS vs. CFS"
- In reply to: Jan Muenther: "Re: I've been hit with ksyslogd"
- Next in thread: Daniel Harrison: "Re: I've been hit with ksyslogd"
- Next in thread: Daniel P. Zepeda: "Re: I've been hit with ksyslogd"
- Next in thread: John Sage: "Re: IPChains newbie and DNS queries"
- Reply: Marco Presi: "Re: I've been hit with ksyslogd"
- Reply: Daniel Harrison: "Re: I've been hit with ksyslogd"
- Reply: mute: "Re: I've been hit with ksyslogd"
- Reply: Infrastructure Dept.: "Re: I've been hit with ksyslogd"
- Reply: Chris Jones: "Re: I've been hit with ksyslogd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]