[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Re: Random system crashes: Linux gurus, what would you do?

On Tue, 2005-12-20 at 22:51, Carl Keil wrote:

I believe that my computer was broken into via webmin right before all this started happening(there was an unauthorized login as root from a church in town), but I couldn't find any signs of damage, other than my computer crashed the next day.
Les Mikesell wrote:
Chances are that parts of your system have been replaced, including
versions of ls, ps, and netstat that keep you from seeing
anything different.  You might try the rootkit hunter
http://www.rootkit.nl/projects/rootkit_hunter.html to
see if it can identify anything, but the safest approach
would be to reinstall from scratch.

I tried the rootkit hunter and it turned up absolutely no trace of a rootkit. I know this isn't definitive, but I think I'm going to cross my fingers and hope for the best. I've changed the root password, and now I turn webmin on via ssh when I need it and shut it down when I'm through. Thanks for suggesting this program. I'm beginning to suspect that the hacking and the crashing are just an odd coincidence.
Eric Harrison Wrote:
One thing that happens late at night are the jobs in /etc/cron.daily/
Some of these jobs can chew up a lot of memory.

You might want to run memtest on this box to see if you have a bad
stick of ram.

This was it! I ran memtest and it turned up 4000 errors on one stick of ram before it was even 30% through. I replaced that stick and I've 2 days of uptime since. Yay! Thank you very much.
Happy Holidays!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]