| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61
Comments:
<0> yes, there are wireless hard drive enclosers
<0> I have one, it runs linux too heh
<1> try this briantumor
<2> Kevin`, minter
<0> minter?
<3> lsusb: Bus 001 Device 007: ID 04e8:3413 Samsung Electronics Co., Ltd
<4> facefaceface: yeah long time ago, with samadhi firmware
<3> bsdirl, try what?
<4> then i reverted back to original linksys firmware
<1> oh sorry, was busy irl
<1> try this at a terminal.. i ***ume youre gonna mount a usb flash drive right?
<1> mount -t vfat /dev/sda1 /mnt/usb
<1> or something similar..
<5> if you tail -f dmesg while plugging it in, it will show you the device node to use
<0> you can't tail -f dmesg
<0> cat /proc/kmsg
<1> dmesg -tail right?
<1> or dmesg | tail
<6> Kevin`: /var/log/dmesg
<7> I thought it was /var/log/messages
<0> my command is simpler
<0> and ***uming you have /var/log/dmesg
<0> gnome trys to make a screenshot every time I use sysrq
<0> :(
<8> fcuk that #moved channel, ridiculous waste of time
<9> tail -f `dmesg`
<0> sigh
<0> did you even try that?
<10> hurry
<10> iam being rooted
<10> pts/3 Jun 4 14:55 (202.1.198.209)
<9> Alley^Away, it's our last line of defense against retards who can't spell it right the first time.
<10> how do i kill that
<7> If I dmesg | tail, tail /var/log/dmesg or tail /var/log/messages I get different output for each
<9> Aleo, ouch.
<0> Aleo stop sshd, inetd
<10> one user has rooted
<9> Aleo, kill the bash shell.
<0> pkill -t pts/3
<0> pkill -9 -t pts/3
<0> *
<10> if i ssh i will get no access
<8> I'm helping Aleo, I'm on as root too - how do we kill'em off
<7> So what file does dmesg look at ?
<7> Or does it even read a file?
<11> kernel ring buffer
<9> Alley^Away, ps -t
<10> afrahsad pts/3 Jun 4 14:55 (202.1.198.209)
<10> v
<0> Aleo add that ip to hosts.deny
<10> oops
<0> but kill the damn terminal
<10> afrahsad pts/3 Jun 4 14:55 (202.1.198.209)
<0> do both rather quickly
<9> Alley^Away, then kill all the respective processes.
<10> how do i killl him
<0> pkill -9 -t pts/3
<0> pkill -u afrahsad if your root
<10> ok
<7> -u afrahsad is better because of the off chance a process of his detached from the tty
<9> Killed him yet?
<0> whatever you do, be sure to block him reconnecting fairly quickly
<10> p***wd: all authentication tokens updated successfully.
<10> thank you.
<10> :)
<0> did he connect with ssh?
<0> check ~user/.ssh/authorized_keys*
<7> What exactly was going on anyway Aleo ?
<9> Aleo, now look at his history and see what he was up to.
<9> Aleo, also, run chrootkit
<9> I think that's it...
<0> doesn't look like you were rooted though, unless that user was one HE made?
<7> If you did kill -9 you won't see a lot of the bash history
<12> shutdown
<12> and find . -cnewer
<12> ideally from clean media
<9> What's the command that checks for root kits?
<9> chrootkit?
<0> chkrootkit
<7> D:
<9> Kevin`, thanks.
<9> I should run that everyonce in a while.
<8> rkhunter
<0> Ykstort links www.google.com
<0> chkrootkit
<0> down,enter
<7> emerge -atv chkrootkit moar liek :P
<0> why trust emerge
<7> Because I've been using it for ages and it rarely fails me
<0> it will fail you if someone wanted it to
<7> So will links, make, gcc or anything else
<1> bbl yall
<0> patching gcc to do something different and still work is harder then changing a source file
<7> True
<0> wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz; tar zxf chrootkit.tar.gz;cd chkrootkit-*;make;./chkrootkit
<7> There's no configure script 0.o
<0> so?
<0> I forgot a k
<7> Sorry, I just rarely see packages without configure scripts :P
<0> the thing is mostly a shell script
<7> OIC
<7> There's also rkhunter
<5> I just used that last night
<5> Freaked myself out when one of the developers had left junk in /etc/hosts
<5> "It hasn't been edited since february and I installed in March, rootkit???"
<13> anyway i can reverse patch a kernel?
<0> yes, apply the patch in reverse
<13> i have the bootsplash patch for 2.6.16, but its only for 2.6.15
<0> -R
<7> The -R option to patch ;)
<0> um
<0> first thing I would do
<0> try the patch anyway
<14> slt
<0> (not with -R)
<13> it gives me an error on video or something
<14> ya til kel kun pour me renseigner
<13> try the bootsplash patch, aye.
<13> but it gives me an error
<0> RHyS pastebin all the errors
<13> pastebin?
<13> :(
<13> im still learning alot.
<0> it will give you files showing parts of the patch that do not success
<0> and you can apply them manually
<13> ok..whats pastebin? and how do i do it?
<15> pastebin.com
<5> RHyS: Pastebin, you paste stuff in and send the link
<13> ohhh its a website
<13> kk
<0> ftp://ftp.openbios.org/pub/bootsplash/kernel/bootsplash-3.1.6-2.6.15.diff
<0> here's one for 2.6.15..
<13> yep. got that
<0> why not use it?
<16> damn, dnon't you hate crackerS/
<13> what do you mean why not use it?
<3> alright, thanks a lot guys... it was on /dev/sdb1
<0> you have a 2.6.15 kernel right?
<16> theres this person that spending hours guesing usernames to get into my machine
<13> no, i have the 2.6.16 :(
<0> dmbt it's not a person
<15> dmbt did he fail?
<0> it's a bot
<16> of course
<15> s/he/it/g
<0> and I get that all the time heh
<15> then move on.
<13> and im on dialup, i went up to the game cafe in town to download this, and my membership expired the 31
<17> dmbt: I've got one that keeps trying to log on as "Administrator" (:
<16> can a person whos trying ot get in tell if he got a username that exists?
Return to
#linux
or
Go to some related
logs:
sql qieries
+automount +dont mount
debian + samuel mathieson
/usr/bin/php: bad interpreter: No such file or directory
search for usb hdd devices
open genera x86-64
#oe
#php
#kernel
install fluxbox themes permission denied
|
|