I run ubuntu 6.10 i686 with hlds and I never log into the root account itself. I just use sudo and then my password to get root. But, today my tripwire found this:
------------------------------------------------------------------------------- Rule Name: System boot changes (/var/run) Severity Level: 100 ------------------------------------------------------------------------------- Added: "/var/run/console/root:1" Modified: "/var/run/apache2.pid" "/var/run/syslogd.pid" The apache and syslogd stuff is OK, but I just don't know why a file called /var/run/console/root:1 was added. Could somebody have cracked into my hlds server and gotten root? _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
