[sf-lug] Interlopers/intrusion/linux security (continuation of "interlopers"

Asheesh Laroia asheesh at asheesh.org
Fri Jul 20 23:29:19 PDT 2007

On Fri, 20 Jul 2007, Alex Kleider wrote:

> I'm running Debian Etch and have been doing updates regularly.
> Output of the uname -a command returns
> Linux belmont 2.6.18-4-686 #1 SMP ....

Well, that seems reasonable.

My first guess, perhaps since it's how people break into my systems most 
often, is that you're running some web application like WordPress or phpBB 
that has some vulnerability that some loser is attacking you through.

>> If you don't know what services you run, an easy way to find out is to 
>> do "nmap localhost" (you may need to install the nmap package from your 
>> distribution).
> I've installed and run nmap and it has given me some interesting
> results , some surprises and some things I don't understand.

> I'd like to show you the  output. Do you know how I can get the output
> into this email that I am running using iceweasel under Xwindow? I can
> send the output to a file but I don't know if I can attach a file to a
> posting to this system.

You can just open the output in a terminal or a text editor and select all 
of it and do "copy" and then "paste" it into Iceweasel.

If you really want, you could attach it; I think this mailing list allows 
text file attachments.

I think it'd be much easier to explain what I think at a meeting.  I guess 
that won't be for a few weeks though, so email is just fine until then.

-- Asheesh.

Newman's Discovery:
 	Your best dreams may not come true; fortunately, neither will
 	your worst dreams.

More information about the sf-lug mailing list