LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-12-2004, 12:20 AM   #1
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Rep: Reputation: 46
Does this mean I have been cracked?


I had been experiencing strange modem behavior only on my Linux system. I just ran rkhunter as root and this is part of the output.

* Check: SSH
Searching for sshd_config...
Found /etc/ssh/sshd_config
Checking for allowed root login... Watch out Root login possible. Possible risk!
Hint: see logfile for more information
info:
Hint: See logfile for more information about this issue
Checking for allowed protocols... [ Warning (SSH v1 allowed) ]

* Check: Events and Logging
Search for syslog configuration... found
Checking for running syslog slave... [ Warning! ]
Info: Cannot find syslog/syslog-ng daemon
Checking for logging to remote system... [ OK (no remote logging) ]



What should I do?
 
Old 08-12-2004, 01:10 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
edit your /etc/ssh/sshd_config

Look for tie PermitRootLogin keyword, un-comment it and set it to no.
Also, change Protocols from Protocols 2,1 to Protocols 2

Restart the sshd service. and run rkhunter again.


Last edited by ppuru; 08-12-2004 at 01:12 AM.
 
Old 08-12-2004, 10:33 PM   #3
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
Thanks, that helped but It still show this:

Check: Events and Logging
Search for syslog configuration... found
Checking for running syslog slave... [ Warning! ]
Info: Cannot find syslog/syslog-ng daemon
Checking for logging to remote system... [ O

Is this something to be worried about?

Thanks again.
 
Old 08-12-2004, 11:34 PM   #4
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
Did you install syslog-ng?
 
Old 08-13-2004, 10:10 PM   #5
BajaNick
Senior Member
 
Registered: Jul 2003
Location: So. Cal.
Distribution: Slack 11
Posts: 1,737

Original Poster
Rep: Reputation: 46
I dont know. When would I have installed that? Never heard of it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cracked or not cracked (tripwire & chrootkit) ddaas Linux - Security 1 04-27-2005 07:29 AM
Possible Cracked.... Aeiri Linux - Security 4 02-22-2005 08:15 AM
i am cracked :-( adme Linux - Security 20 07-19-2003 12:37 PM
This just cracked me up! CragStar General 2 04-19-2002 11:13 PM
!!! THEMES.ORG gets cracked... rabidundead Linux - General 0 06-10-2001 03:03 AM


All times are GMT -5. The time now is 11:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration