-- [ Picked text/plain from multipart/alternative ] I'd be tempted to do some digging in the other logs like /var/log/auth.log and others for things around the same time and see if anythings there, fairly hard to tell if its a problem or not just from that alone.
On 11/27/06, TwoEyedHuman <[EMAIL PROTECTED]> wrote: > > I run ubuntu 6.10 i686 with hlds and I never log into the root account > itself. I just use sudo and then my password to get root. But, today > my tripwire found this: > > > ------------------------------------------------------------------------------- > Rule Name: System boot changes (/var/run) > Severity Level: 100 > > ------------------------------------------------------------------------------- > > Added: > "/var/run/console/root:1" > > Modified: > "/var/run/apache2.pid" > "/var/run/syslogd.pid" > > The apache and syslogd stuff is OK, but I just don't know why a file > called /var/run/console/root:1 was added. Could somebody have cracked > into my hlds server and gotten root? > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
