security question: did I have an intruder?
This topic is something I'm concerned about, but mostly feel ignorant, incompetent, and inadequate.
I was at the system console viewing packages in Aptitude. X was not running. Nothing was installing at the moment. I was just reading. Seemingly out of the blue a message popped up, saying "sysadm: /dev/Xconsole does not exist".
This freaked me out because I just got DSL last week and I've actually been trying to learn as much as I can about firewalls and intrusion detection apps like Snort. But I'm not ready to be invaded!
Anyway, I am a single workstation behind an ADSL modem/router. Is it possible the message was innocuous, or did it mean someone tried to log into my machine? Which log would it be in?
Just to make this more fun: Supposedly, GuardDog was running, but I'm not sure. I tried KDE for a week to check it out. (I hated it, btw <G>). I was in Aptitude, starting to remove it one piece at a time, beginning with the 'extras'.)
Last edited by beebelo; 02-07-2006 at 09:46 AM.
|