FAQ

???? 13/11/2013 11:46 ??, ?/? Ferrous Cranus ??????:
root at secure:~/lib64# ls -al | grep libkey

lrwxrwxrwx 1 root root 20 Jun 22 2012 libkeyutils.so.1 ->
libkeyutils.so.1.3.0*
-rwxr-xr-x 1 root root 10192 Jun 22 2012 libkeyutils.so.1.3*
-rwxr-xr-x 1 root root 32920 Jun 22 2012 libkeyutils.so.1.3.0*

root at secure:~/lib64# rpm -qf libkeyutils.so.1.3.0
file /lib64/libkeyutils.so.1.3.0 is not owned by any package

================================

It appears that my server has been compromised with a malicious payload
designed to sniff for and steal server passwords.

This must have happened when i was handling my root passwords out in the
open.

Served me well.





Can somebody explain to me why there is so many failed attempts to login
into my linux server under various user accounts?


http://i.imgur.com/5PaZAWu.png


I mean is this some normal background radiation of the Internet or is
something directed to me?


Does this happen on your servers at this extend too?

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

People

Translate

site design / logo © 2022 Grokbase