Looks like its safe; 30 minutes before the email was sent out, i installed a package. I got thrown off because i thought the crc check was in real time.
update-alternatives: using /usr/bin/frm.mailutils to provide /usr/bin/frm (frm)$ update-alternatives: using /usr/bin/from.mailutils to provide /usr/bin/from (fr$ On Wednesday, June 4, 2014 1:08:36 PM UTC-4, Steven Stern wrote: > > Check your package updater's logs. > > On 06/04/2014 07:51 AM, dan (ddp) wrote: > > On Wed, Jun 4, 2014 at 4:53 AM, PAL 18 <[email protected] > <javascript:>> wrote: > >> I just got this a few minutes ago and i wasn't logged into the box. > Should i > >> be worried? Has my server been hacked? > >> > > > > You have to investigate the change. There's no way for us to know. > > > >> Rule: 550 fired (level 7) -> "Integrity checksum changed." > >> Portion of the log(s): > >> > >> Integrity checksum changed for: '/usr/bin/from' > >> Old md5sum was: '24dc25d90a3eca83ee42f2532f33e174' > >> New md5sum is : 'efbb9617688bb07ba38119d74d1b27da' > >> Old sha1sum was: '2908c6d4b2e09eeea85f549cfab4c7e68d7aed1c' > >> New sha1sum is : 'bad868d8da99eb14296553899feb44c35c8af47a' > >> > > > -- > -- Steve > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
