Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was doing my normal backup routine with WinSCP. Backing up from the server to my desktop. (remote server) It usually takes about 2 or 3 hours to finish completely.
But while it was 74% complete, I got a WinSCP message that said "eterm already exists" . And it gave me the typical prompt asking me what i'd like to do next. (overwrite, yes, no, etc )
This was very weird...as I was coping the directory to a completely empty directory on my desktop. There was nothing at all in there beforehand. Why would it ask me something like that ?
Then I google'd 'eterm' and got a little more paranoid. Initially I did say yes to copy...but after I saw the google results, I canceled all.
Any idea what could of happened ? I'm redoing the backup again now...with root access.
Why would the Google results for "eterm" make you suspicious? For that matter, what exactly makes you think this is a security issue?
As I understand it, you were copying files from a Linux machine onto a Windows machine with Windows software, and the software said the file existed on the local machine already. It is indeed a little odd, but I am straining to think of any way that could be a security issue or evidence of a possible break-in.
Is there some specific case you found references to online which showed behavior like this was linked to a security issue?
MS3, its just that i've never seen my WinSCP transfer be interrupted like that before mid-way through the 'copying' (backing up) process. As if something got in there or hacked the connection midway through.
I never downloaded or had anything related to eterm in my download....or to the place it was downloading to. (it was a brand new , empty folder created a minute before the download started)
With all this being said, I haven't noticed any suspicious behavior since.
A programming error most likely, as with most bugs. I don't know the specifics, as I'm not a programmer. Also, the software's maintainer didn't provide an explanation when he stated the fix had been applied AFAICT.
Quote:
I have a version thats like 2 years old too..
Why don't you upgrade to the latest stable version?
Quote:
They can hack in or something ?
Honestly, this bug doesn't sound like the type to allow for that sort of thing. Of course, you never know — and running old, unmaintained software is sort of like asking for trouble IMHO.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.