PART ONE: auth.log:
Apr 10 13:53:48 diwa PAM_unix[615]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:53:48 diwa kcheckpass[615]: authentication
failure for user trojohn [uid 508]
Apr 10 13:53:50 diwa PAM_unix[617]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:53:55 diwa PAM_unix[619]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:53:55 diwa kcheckpass[619]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:02 diwa PAM_unix[621]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:02 diwa kcheckpass[621]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:11 diwa PAM_unix[623]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:11 diwa kcheckpass[623]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:20 diwa PAM_unix[625]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:20 diwa kcheckpass[625]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:28 diwa PAM_unix[627]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:28 diwa kcheckpass[627]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:39 diwa PAM_unix[629]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:39 diwa kcheckpass[629]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:45 diwa PAM_unix[631]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:45 diwa kcheckpass[631]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:54 diwa PAM_unix[633]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:54 diwa kcheckpass[633]: authentication
failure for user trojohn [uid 508]
Apr 10 13:54:59 diwa PAM_unix[635]: authentication
failure; (uid=508) -> trojohn for system-auth service
Apr 10 13:54:59 diwa kcheckpass[635]: authentication
failure for user trojohn [uid 508]
Apr 10 13:55:40 diwa PAM_unix[638]: authentication
failure; LOGIN(uid=0) -> trojohn for system-auth
service
Apr 10 13:55:40 diwa login[638]: FAILED LOGIN 1 FROM
(null) FOR trojohn, Authentication failure
Apr 10 13:55:50 diwa login[638]: FAILED LOGIN 2 FROM
(null) FOR trojohn, Authentication failure
Apr 10 13:55:58 diwa PAM_unix[638]: check pass; user
unknown
Apr 10 13:55:58 diwa PAM_unix[638]: authentication
failure; LOGIN(uid=0) -> TROJOHN for system-auth
service
Apr 10 13:55:58 diwa login[638]: FAILED LOGIN 3 FROM
(null) FOR TROJOHN, Authentication failure
Apr 10 13:56:06 diwa PAM_unix[638]: check pass; user
unknown
Apr 10 13:56:06 diwa PAM_unix[638]: authentication
failure; LOGIN(uid=0) -> ROOT for system-auth service
Apr 10 13:56:06 diwa login[638]: FAILED LOGIN SESSION
FROM (null) FOR ROOT, Authentication failure
Apr 10 13:56:06 diwa PAM_unix[638]: 1 more
authentication failure; LOGIN(uid=0) -> trojohn for
login service
Apr 10 13:56:14 diwa PAM_unix[639]: check pass; user
unknown
Apr 10 13:56:14 diwa PAM_unix[639]: authentication
failure; LOGIN(uid=0) -> ROOT for system-auth service
Apr 10 13:56:14 diwa login[639]: FAILED LOGIN 1 FROM
(null) FOR ROOT, Authentication failure
Apr 10 13:56:23 diwa PAM_unix[639]: authentication
failure; LOGIN(uid=0) -> root for system-auth service
Apr 10 13:56:23 diwa login[639]: FAILED LOGIN 2 FROM
(null) FOR root, Authentication failure
Apr 10 13:58:11 diwa PAM_unix[342]: (system-auth)
session opened for user xfs by (uid=0)
PART TWO: security.log entries:
*** Security Check, Thu Mar 22 04:01:36 IST 2001 ***
Security Warning: World Writeable files found :
- /home/trojohn/.xtrojka.prefs.bin
- /tmp
- /tmp/.ICE-unix
- /tmp/.ICE-unix/1256
- /tmp/.ICE-unix/1363
- /tmp/.ICE-unix/1537
- /tmp/.ICE-unix/1801
- /tmp/.ICE-unix/387
- /tmp/.ICE-unix/770
- /tmp/.ICE-unix/844
- /tmp/.ICE-unix/905
- /tmp/.X11-unix
- /tmp/.X11-unix/X0
- /tmp/.font-unix
- /tmp/.font-unix/fs-1
-
/usr/X11R6/lib/X11/fonts/tamil/Mylaitsc.bdf
-
/usr/games/Maelstrom/Maelstrom-Scores
- /usr/share/apps/kscd/cddb/blues
- /usr/share/apps/kscd/cddb/classical
- /usr/share/apps/kscd/cddb/country
- /usr/share/apps/kscd/cddb/data
- /usr/share/apps/kscd/cddb/folk
- /usr/share/apps/kscd/cddb/jazz
- /usr/share/apps/kscd/cddb/misc
- /usr/share/apps/kscd/cddb/newage
- /usr/share/apps/kscd/cddb/reggae
- /usr/share/apps/kscd/cddb/rock
- /usr/share/apps/kscd/cddb/soundtrack
- /var/lib/games/xboing.score
- /var/lib/games/xjewel.scores
- /var/lib/games/xtrojka.score
- /var/lib/svgalib
- /var/lib/texmf
- /var/lib/texmf/ls-R
- /var/spool/samba
- /var/tmp
These are the ports listening on your machine :
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign
Address State PID/Program name
tcp 0 0 *:6000 *:*
LISTEN 368/X
tcp 0 0 *:1024 *:*
LISTEN 358/kdm
udp 0 0 *:xdmcp *:*
358/kdm
raw 0 0 *:icmp *:*
7 -
raw 0 0 *:tcp *:*
7 -
PART 3: response to the command "locate nmap"
[utility]
Window = LICQ
Command = nmap -sT -v -PT %i
Description = Scan for open ports.
--
NOTE: i've increased the security level to "High"
after viewing these files.
- Diwakar
=====
GNU/Linux, for technical and ethical reasons.
____________________________________________________________
Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/linux-india-help
