router question
R. Wood
rw at ncf.ca
Tue Jan 13 11:53:25 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Allegedly, on Tue, Jan 13, 2009 at 12:05:19AM -0400, Tom Daly stated:
> I have a Pll box in basement, cable modem plugs into one nic, house
> plugs into second nic. I had a friend set this up for me, and know
> very little about it, other than it's running Debian, periodically I
> do updates, and I still haven't groked iptables ...
>
> problem that has surfaced is after several weeks of intermittent power
> failures and my not being here for a week or so, I ssh'd into it
> earlier tonight to apt-get update, and _ALL_ my command history is
> gone
>
> I'm thinking this is not good ...
>
> any thoughts?
Hi,
Missing logs/command history *could* be a symptom of intrusion. For
starters, I would boot from a live or recovery CD of some kind and run
both:
- - rkhunter (rootkit, backdoor, sniffer and exploit scanner)
- - chkrootkit (Checks for signs of rootkits on the local system)
and see what output you get.
HTH,
Raymond
- --
"Be Nice, or Leave - By Order of the Management"
(Sign above door, Black Sheep Inn, Wakefield)
GPG Fingerprint: 2E4D 8605 DD48 E80F F893 1C02 B65D 86D9 3B3C 0E03
Encrypted E-mail Preferred
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFJbIC1tl2G2Ts8DgMRAq4qAJ9/92q1EUkbD6hLKgqOTow+Xwy5UwCg3oBf
B+kG084932nXjeAZgWG3NmE=
=nygj
-----END PGP SIGNATURE-----
More information about the ubuntu-ca
mailing list