The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

system compromised?

Discussion in 'General Discussion' started by tic67, Feb 16, 2003.

  1. tic67

    tic67 Active Member

    Joined:
    May 8, 2002
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    I've just been sent the following message from my system:

    IMPORTANT: Do not ignore this email.
    This message is to inform you that the rpm
    package fileutils did not match the expected checksum. This could mean that
    your system was compromised (OwN3D). The offending files have been removed
    and replaced with the OS default. To be safe you should verify that your
    system has not be compromised.


    Modified Files:
    .......T c /etc/DIR_COLORS
    .......T c /etc/profile.d/colorls.csh
    .......T c /etc/profile.d/colorls.sh

    Is there anything I can do to check what this means?.

    Thx,

    John
     
  2. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    I got one this morning and yesterday morning. My server provider said it's nothing to worry about.
     
  3. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    That is usually from a cpanel update like

    fileutils-4.1-10.1.i386.rpm
     
  4. Tom Pyles

    Tom Pyles Well-Known Member

    Joined:
    Apr 26, 2002
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    I too am getting these e-mails...not sure why it started all of a sudden, but worried me to know end. My provider also told me nothing to worry about ;)
     
  5. ecoutez

    ecoutez Well-Known Member

    Joined:
    May 23, 2002
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    0
    This issue is resolved

    Nick took a look at one of my RedHat 7.2 boxes exhibiting this behavior and found the problem.

    Run /scripts/updatenow and it should be fixed.

    - Jason
     
  6. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Seems odd that anyone other than the SysAdmin would be wanting to change the files shown in the first post. All they are is for the colours used to display your screen output when in Shell. Most curious.
     
Loading...

Share This Page