Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] Complete mail lost, exploit?
  • From: Stefan Suurmeijer <stefan@xxxxxxxxxxxx>
  • Date: Thu, 8 Feb 2001 11:32:18 +0100 (CET)
  • Message-id: <Pine.LNX.4.30.0102081117490.30457-100000@xxxxxxxxxxxxxxxxxxxx>
On Thu, 8 Feb 2001, Hans Hermann Meyer wrote:

> >> I looked for Timbuktu and found things about remote control for windows nt,
> >> so what is this timbuktu on my SuSE Linux 7 system??? This stuff makes me
> >> sick, please can somebody help.
> >
> > If I remember correctly, I used Timbuktu to remote access Macs (apple) [like
> > PcAnywhere]. Maybe they once ported the entire thing to Linux.
>
> Timbuktu is available as well for Mac as for Wintels. Find more information
> about it here: <http://www.netopia.com/software/products/tb2/>
>
> Cheers, Hans
>

If you think you were hacked, unplug the box from the internet (NEVER
reboot/close ports whatever before trying to find out what was going on).
Look at CERT's documents on root hacks and intruder detection
(www.cert.org/tech_tips/root_compromise.html and
www.cert.org/tech_tips/intruder_detection_checklist.html).
Of course you losing those mails could have just as easily been a
filesystem/harddisk problem, but if you find unknown daemons running in
combination with that you might want to be careful.


hope this helps,

Stefan



< Previous Next >
References