Στις 13/11/2013 11:46 μμ, ο/η Ferrous Cranus έγραψε:
root@secure:~/lib64# ls -al | grep libkey
lrwxrwxrwx 1 root root 20 Jun 22 2012 libkeyutils.so.1 ->
libkeyutils.so.1.3.0*
-rwxr-xr-x 1 root root 10192 Jun 22 2012 libkeyutils.so.1.3*
-rwxr-xr-x 1 root root 32920 Jun 22 2012 libkeyutils.so.1.3.0*
root@secure:~/lib64# rpm -qf libkeyutils.so.1.3.0
file /lib64/libkeyutils.so.1.3.0 is not owned by any package
================================
It appears that my server has been compromised with a malicious payload
designed to sniff for and steal server passwords.
This must have happened when i was handling my root passwords out in the
open.
Served me well.
Can somebody explain to me why there is so many failed attempts to login
into my linux server under various user accounts?
http://i.imgur.com/5PaZAWu.png
I mean is this some normal background radiation of the Internet or is
something directed to me?
Does this happen on your servers at this extend too?
--
https://mail.python.org/mailman/listinfo/python-list