[ale] ipv6 dns requests???

Dow Hurst dhurst at kennesaw.edu
Tue Apr 20 14:31:13 EDT 2004 

I bet SuSE 9 does by default. :-(

Have you installed any packages or done any upgrades or patching?  Do you have 
the auto patch function in Yast2 working?  That can burn you like rhn did my 
rh9 box.
Dow


Geoffrey wrote:
> David Hamm wrote:
> 
>> I've heard a popular trick of crackers is to use IPV6.  It goes 
>> undetected since most aren't using it.  You might try using one of the 
>> rootkit tools to see if the system has been root kited.  
> 
> 
> It seems to be a symptom of SuSE 9 as I've got a couple of boxes with it 
> and all do it.  I'm going to do a quick install on another box and see 
> if it does this right away.
> 
>>
>> Some security experts suggest deleting the IPV6 modules from 
>> /lib/modules directories.  You could rename the IPV6 modules and 
>> reboot.  There is a chance the system might not come back up but if 
>> you've been cracked you probably want to re-load the system anyway.
> 
> 
> I'll likely remove the ipv6 mods, but I want to make sure I know what's 
> causing it first.
> 
> Thanks.
> 
>>
>> http://www.net-security.org/software.php?id=531
>> http://www.chkrootkit.org/
>>
>>
>>
>>
>> On Tuesday 20 April 2004 07:54 am, Geoffrey wrote:
>>
>>> Robert L. Harris wrote:
>>>
>>>> If you do "lsmod" is there anything related to ipv6?  If it's compiled
>>>> in static you may not be able to disable it.
>>>
>>>
>>> Yeah, I've got:
>>>
>>> ipv6                  227392  -1 (autoclean)
>>> key                    70456   0 (autoclean) [ipv6]
>>>
>>> I tried to remove them, but somethings got them busy.  I shutdown all
>>> network services, still busy. :(
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://www.ale.org/mailman/listinfo/ale
>>
>>
> 
> 

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************

More information about the Ale mailing list