Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] Complete mail lost, exploit?
  • From: Nix <suse@xxxxxxxxxxxxxxx>
  • Date: Thu, 08 Feb 2001 09:39:21 +1100
  • Message-id: <>
At 05:59 AM 8/02/2001, you wrote:
Hi all!

I get a bit paranoid now, this night all mail folders out of ~/Mail
disappeared, 4000 Mails gone away. First I thought of a failure in KMail
that hat destroyed the folders, but some other files in the root folder
disappeared as well.

Ouch. I don't suppose you rebooted the box by any chance? (check uptime pls)
This is quite possibly a disk/filesystem problem.

I checked the logs (messages, warn etc), nothing. No
failed logins, nothing to see. I have tcp dumps of the times system was

Using what capture program? tcpdump? or something a bit more intelligent?

the only thing I found there was a try to get mail from pop3 with a
wrong password, nothing else.

From who to what account?

I checked the open ports (not so many),
and found "Timbuktu srv4 on tcp port 1420". This service has now disappeard, I
closed every port, rechecked the firewall.

Does the firewall allow connections to this port?? How did you check the ports?
Try nmapping your machine from a know good install. (ie. not from localhost)
What processes were running? ("netstat -nap", "ps aufx")
How did you "close every port"?

I looked for Timbuktu and found
things about remote control for windows nt, so what is this timbuktu on my
SuSE Linux 7 system??? This stuff makes me sick, please can somebody


To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx

Nix - nix@xxxxxxxxxxxxxxxx

< Previous Next >
This Thread