[Triumf-linux-managers] Please check openssh on all Linux machines
Andrew Daviel
advax at triumf.ca
Mon Jun 21 12:11:26 PDT 2010
Please do the following on any Linux machines you administer, or use
regularly:
rpm -V openssh-server openssh-clients zlib-devel | grep bin
ls /usr/include/linux/boot.h
If either of these commands returns any output, please let me know,
and send both boot.h and the result of "stat /usr/sbin/sshd"
(I have checked all TRIUMF machines that I have access to via syslog or
the georgesv account, but may have missed some. In particular, if
the RPM database is corrupt or locked the command will fail, or if the
Linux distro does not use RPM it will also fail.
Machines found to be infected include those running Scientific Linux
3,4,5, RedHat 8,9 plus openSUSE. There may be infected Debian-based
machines (using APT instead of RPM))
For more detail, see
http://lists.triumf.ca/pipermail/triumf-linux-managers/2010-June/000256.html
--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
Network Security Manager
More information about the Triumf-linux-managers
mailing list