Utok-smazany adresar root

Pondělí Únor 4 09:56:57 CET 2002

Dobry den vespolek,

Behem minuleho tydne, se opakovane smazal ( ci byl smazan) adresar root.
Dosti podstatna vec. Nemuzu najit nic podezleho. Mate nekdo nejaky napad.
Prihodilo se to nekomu take ?

Stalo se to na RH 6.x s 
	sshd version OpenSSH_2.9p2,
	ProFTPD Version 1.2.1
	imap resp ipop
	named 8.2.3-REL

v secure.log
Feb  2 00:27:36 ns sshd[3302]: debug1: Forked child 16214.
Feb  2 00:27:36 ns sshd[16214]: Connection from 211.199.180.7 port 3830
Feb  2 00:27:40 ns sshd[16214]: Did not receive identification string from
211.1
Feb  2 00:27:40 ns sshd[16214]: debug1: Calling cleanup 0x80657a0(0x0)

Feb  2 01:27:36 ns sshd[3302]: Generating new 768 bit RSA key.
Feb  2 01:27:37 ns sshd[3302]: RSA key generation complete.

Feb  2 08:06:08 ns sshd[3302]: debug1: Forked child 17284.
Feb  2 08:06:08 ns sshd[17284]: Connection from 193.205.77.206 port 3891
Feb  2 08:06:08 ns sshd[17284]: Did not receive identification string from
193.2
Feb  2 08:06:08 ns sshd[17284]: debug1: Calling cleanup 0x80657a0(0x0)

Feb  2 09:06:08 ns sshd[3302]: Generating new 768 bit RSA key.
Feb  2 09:06:09 ns sshd[3302]: RSA key generation complete.

Feb  3 06:16:57 ns sshd[21008]: Connection from 211.171.244.104 port 4696
Feb  3 06:16:57 ns sshd[3302]: debug1: Forked child 21008.
Feb  3 06:18:22 ns sshd[21008]: Did not receive identification string from
211.1
Feb  3 06:18:22 ns sshd[21008]: debug1: Calling cleanup 0x80657a0(0x0)

Feb  3 07:16:57 ns sshd[3302]: Generating new 768 bit RSA key.
Feb  3 07:16:58 ns sshd[3302]: RSA key generation complete.

Cas smazani (resp cas vytvoreni prazdneho) /root byl 03:30:00

S pozdravem
--  
Jaromír Boško

STAPRO s.r.o.
bosko na stapro.cz