On 24/07/17 08:07 AM, Carlos E. R. wrote:
They send a bazillion mails per day, two of them are running SAP systems that spread notification mails. Sigh. I can't simply stop them and install anew before the existence of malware on those is proven.
Of course.
Well, Werner, you can start by running an integrity check on all your executables. But it comes down to what constitutes 'proof', what amounts to sufficient evidence. That it exists as a phenomena but is absent from the logs might be enough for some of the more paranoid of us. There is also the matter that binaries here have UNIX semantics not Windows semantics. If a program opens a library file on start up then so long as it holds the file handle open it has the file as it was when the program started. We often see this after running 'zypper up' if we run 'zypper ps'. We can see that running programs are using library files that have been deleted and upgraded to a later version in the zypper process. The program runs, uninterrupted, with the old library. Some process, IIR Postfix is one, can be sent a signal telling them to restart. For some, that is just re-read the config files, others, it is a complete reinitialization. Worst case there is the 'systemctl restart', or one of the combination reload and or restart options. Think of it as a 'Bounce': down then back up again immediately.
But maybe you can search for it. :-?
A bit of detective work ... -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org