Hey all, I was looking through my /var/log/secure file this evening on my FC5 system. I noticed, in addition to myself and the one other user on the system, that a number of sessions had been opened by a user named "beagleindex." It's opening a shell of /bin/false, which tells me that it's not a person but a program.
I did some checking on Google and near as I can tell, it appears to be some kind of SuSE RPM which is designed for searching. One site said that it "ransacks personal data" which frankly kind of creeped me out. I have only recently learned to read log files and can't always tell the malevolent from the benign. What I can't find, however, is any web resource which will tell me exactly what beagleindex is, what it's searching for, why it's opening sessions with root access, or how it got on my system. (I never saw this with my FC4 installation.) I'm concerned that this may be an indication that someone broke into my system and installed a data miner of some kind. Is there any truth to this fear and if so, what do I do about it? Thanks, Matt _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
