Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Kernel 2.6.21.5, GNU (Slackware 12.0).
MPlayer 1.0rc2-4.1.2
KDE 3.5.7
artsd 1.5.7
KsCD 1.6
Hi:
I have strong reasons to believe my O.S. is corrupted. And
no matter how many times I reinstall it. It becomes
corrupted in a very short time:
(a) apropos repeats the same lines over and over again.
E.g., when the output should be of the form
a
b
c
it in fact is, say,
a
b
c
a
b
a
b
c
(only an example).
(b) /var/log/messages: here I see an intruder trying to get
into the system every 2s (seconds) or less. For example,
'Invalid user elsa from xx.xxx.xxx.xxx', but the next
time (less than 2s afterwards) it is elton instead of
elsa and so on (here they are using strict
lexicographical order, I now see). The intents are more
serious as time goes by. Even some messages are more
explicit: "POSSIBLE BREAK-IN ATTEMP!".
(c) MPlayer, just built and installed from the slackbuilds
sources and script for Slackware 12.0 fails when playing
audio CDs. I mean the sound has clicks at intervals, as
if being given only a very short CPU time or being
continuously interrupted (although KsCD running on KDE
has no problem at all).
In fact, this thing of /var/log/messages I've been
seeing it for over six months now. I once wrote to LQ
but nothing definite was said or done by me. The
answers I got where too technical for me. For example,
changing the port.
I begin by not knowing if I have a firewall installed
and running. I did 'apropos firewall' and I found
xfwp.
I then did 'ps -e|grep xfwp' and nothing was output,
notwithstanding I was running X at that moment.
Please understand I'm really a newbie in these sucurity
things. But nothing could make happier than stop seeing
those messages in /var/log/messages.
I see two ways in front of me: 1. By means of an
exhaustive description of the problem, to get a solution
from you. 2. Study all those guides I've downloaded from
the linux documentation project, especially that about
network adm and, by trial and error, arrive at a
solution.
For the time being, I've chosen the first. With time, I'll
become a better linux user/programmer. Thanks in advance.
It's good that you're dedicated and willing to work on this.
My suggestion would be to open a new post for each of the
three issues you mention. It gets confusing when posts are
not very specific.
The most important one is about the failed login attempts.
As long as you have a good password (upper case, lower case,
numbers and special characters) you don't need to worry about
the system integrity. Please run "last | more" and see if
there have been logins that you don't remember.
You gave two ways to approach learning, and I don't recommend
either one. A better way is to ask for tips or suggestions
on a specific topic and then study the specific item. If
needed, continue asking for tips while you are studying.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.