reinstalled an had a painful night seting up all services again
Am 01.01.2011 21:09, schrieb Chris Davies:
> Martin Lorenz <martin@lorenz.priv.at> wrote:
>> i recently noticed some errors at my mail-server and so I tried to drill
>> it down with my limited abilities.
>
>> what I found is really strange:
>> when copying a file (no matter which) the copy gets zero permissions.
>
> Silly question time, because I've encountered this kind of problem myself,
> once before...
>
> Is your filesystem remotely mounted from another server?
> Chris
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4D2430DB.4000802@lorenz.priv.at">http://lists.debian.org/4D2430DB.4000802@lorenz.priv.at
01-06-2011, 01:48 PM
Jochen Schulz
SOLVED: permissions all zero when using 'cp'
Martin Lorenz:
>
> Thanks to all, who helped
>
> it definitely was a rootkit.
> came in by this exim bug:
Just out of curiosity: do you know when the attacker succeeded? The DSA
was published Dec 10th. Did you have a (theoretical) chance to install
the patch beofre the attack?
J.
--
I am on the payroll of a company to whom I owe my undying gratitude.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
01-06-2011, 07:47 PM
Doug
SOLVED: permissions all zero when using 'cp'
On 01/06/2011 09:48 AM, Jochen Schulz wrote:
Martin Lorenz:
Thanks to all, who helped
it definitely was a rootkit.
came in by this exim bug:
Just out of curiosity: do you know when the attacker succeeded? The DSA
was published Dec 10th. Did you have a (theoretical) chance to install
the patch beofre the attack?
J.
I wish you would elaborate. What is a DSA, and what is the patch to which
you refer? (DSA: Denial of Service Attack?) I assume the patch is something
that repels rootkit attacks. Is the patch applicable to all Linux
distros? Is it
likely to appear in the repo? Would my distro most likely include it in the
usual upgrades I do every few days?
--doug
--
Blessed are the peacemakers...for they shall be shot at from both sides. --A. M. Greeley
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Doug wrote:
> Jochen Schulz wrote:
> >Martin Lorenz:
> > > Thanks to all, who helped
> > >
> > > it definitely was a rootkit. came in by this exim bug:
> >
> > Just out of curiosity: do you know when the attacker succeeded? The DSA
> > was published Dec 10th. Did you have a (theoretical) chance to install
> > the patch beofre the attack?
>
> I wish you would elaborate. What is a DSA, and what is the patch to which
> you refer? (DSA: Denial of Service Attack?)
DSA is Debian Security Advisories. Each one is numbered for later
reference. You can read about them here.
http://www.debian.org/security/
I recommend subscribing to the debian-security-announce mailing list.
Then you will get notice of each advisory as it is posted. It is a
low volume list for announcements only.
> I assume the patch is something that repels rootkit attacks. Is the
> patch applicable to all Linux distros? Is it likely to appear in
> the repo? Would my distro most likely include it in the usual
> upgrades I do every few days?
If you haven't already done so you should also make sure that you have
the security repository included in your APT sources.list file.
deb http://security.debian.org/ lenny/updates main contrib non-free
Replace "lenny" in the above with the name of your current release.
The exim4 advisory is this one:
http://www.debian.org/security/2010/dsa-2131
I install all security upgrades as quickly as possible on all of my
machines.
SOLVED: permissions all zero when using 'cp'
