Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] hack?
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Sat, 12 Jan 2002 13:19:55 -0900
  • Message-id: <200201122219.g0CMJtO11224@xxxxxxxxxxxxxx>
On Saturday 12 January 2002 08:12 am, test@xxxxxxxxxxxxxxxxxx wrote:
> i patched my kernel last nte via ftp.suse.com
> this evening it is calling my hostname www.dutchnews.com. ii have not
> changed the host and rc.config still has the old variable
> could thisbe some sort of trojan?
> kenneth

I had the same thing happen to me (with the stock kernel) only in
my case I was labled as www.cnn.com .

This was some freak accident of dhcp lease renual while
the browser was up ideling on cnn's page I suspect, but
I have never been able to repeat it.

When I pinged the machine from somewhere else it reported
back its Reverse DNS as cnn. It happened exactly
once, and was solved remotely by ssh in and rebooting it.


--
_________________________________
John Andersen / Juneau Alaska

< Previous Next >
This Thread
References