My nightly diff check e-mail on a test box I am running (10.1) contained
this snippet of info:
Security Warning: the md5 checksum for one of your SUID files has changed,
maybe an intruder modified one of these suid binary in order to put
in a backdoor...
- Checksum changed file : /usr/X11R6/bin/Xwrapper
Now, should I run round like a headless chicken and unplug all electrical
appliances, or could it be generated by installing some other package? I'm
trying to remember what I installed yesterday before this message and the
only thing that springs to mind is TightVNC (which I can't get working, but
that's a different matter). Backdoor always makes me giggle ;).
Regards,
David Crotty
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
