Results 1 to 6 of 6

Thread: Is my system hacked?

  1. #1

    Is my system hacked?

    I just switched from the horrible world of Windows into Linux. There is a learning curve but I don't mind. Anyway I am running Mandrake 8.1. I have done all the updates and I get this weird message every night between 2 am and 4 am.

    KWrited-listening on device /dev/pts/0

    Security Warning: Change in World Writeable Files found :
    - Added writables files : /tmp/.ICE-unix/3723
    - Removed writables files : /tmp/.ICE-unix/1509

    Security Warning: World Writeable files found :
    - /lib/dev-state/log
    - /tmp
    - /tmp/.ICE-unix
    - /tmp/.ICE-unix/3723
    - /tmp/.X11-unix
    - /tmp/.X11-unix/X0
    - /tmp/.font-unix
    - /tmp/.font-unix/fs-1
    - /usr/share/apps/kscd/cddb/blues
    - /usr/share/apps/kscd/cddb/classical
    - /usr/share/apps/kscd/cddb/country
    - /usr/share/apps/kscd/cddb/data
    - /usr/share/apps/kscd/cddb/folk
    - /usr/share/apps/kscd/cddb/jazz
    - /usr/share/apps/kscd/cddb/misc
    - /usr/share/apps/kscd/cddb/newage
    - /usr/share/apps/kscd/cddb/reggae
    - /usr/share/apps/kscd/cddb/rock
    - /usr/share/apps/kscd/cddb/soundtrack
    - /usr/share/doc/krb5-libs-1.2.2/README
    - /var/apache-mm
    - /var/spool/samba
    - /var/tmp

    the funny thing is I disconnect my RJ-45 from the NIC. And I still get this message. If I shutdown at night and the next day boot up no message. I even wipped clean and reinstalled. I haven't opened any emails or anything like that. I am also behind the NAT on my router. I am very paraniod and want to make sure this isn't a virus. Any help would be great. Thank you ???

  2. #2

    Re:Is my system hacked?

    i am new also but this is what i know. if i am wrong someone let me know.

    first i have 8.1 on my main box and have never had this problem but i do have the dev that you mention. i have no idea what it does. but i do know that i had a problem with an error i got ever night at the same time and it turned out to be something in my cron scripts. this is what linux uses to do tasks daily, weekly, hourly, etc. you may want to see if that is your problem.

    on the part with world write files what are you using to detect that?

    i know you do not have a viris if you have not done anything silly like use third party software as root? everything else is speculation.

    make sure that you know every program that mandrake put on your system. there are alot of bells on and there may be things you did not know of and dont want.

  3. #3

    Re:Is my system hacked?

    The only programs I installed were the all the packages listed during the install. It seems the world writeable files have something to do with music. I don't where they came from but if it's no big deal I don't mind. I am doing a lot of experimenting so I don't mind if I have to reinstall. It is fully installed in less than 25 minutes!! A lot faster than Win2K and no product key!!
    When I am in Control Center and switch security level to High it always goes back to low. I don't know why?

    All I can say is I have a lot to learn but I don't mind. The less time I spend in Windows the better!!

    This is a great forum and I have learned alot by just scanning the posts.

    Is there a way to scan my IP for security holes? I go to Symantec's website but they don't support Linux in their utility for scanning IP's

    Thanks for the help ;D

  4. #4

    Re:Is my system hacked?

    A little more info about this. I always get this message when I was logged in and just left my box running all night. (Correct me if I'm wrong but I read I could leave Linux running 24/7) Last night I logged out and left it at the login screen all night and there was no message. When I logged in today nothing ever came up.

    Any ideas?


  5. #5

    Re:Is my system hacked?

    You haven't been hacked, more likely a security bug with Mandrake 8.1. The files for kscd should not be world wirteable. Have you downloaded any updates that might be available? Maybe they have already fixed this problem.

    Any of the Mandrake users know of any security issues with kscd? It isn't unusual for some file in /tmp to be writeable by everyone.

    Jim H

  6. #6

    Re:Is my system hacked?

    i gave up with kscd....
    it always crashed when i tried to change the device.
    i now just rip the cds to mp3
    much more easier to controll, and alot more space efficient.... :P

Similar Threads

  1. The System Cannot Log You On
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 01-01-2005, 02:44 AM
  2. Dems hacked!
    By Blaqb0x in forum General Chat
    Replies: 1
    Last Post: 01-22-2004, 06:28 PM
  3. RIAA got hacked
    By in forum General Chat
    Replies: 3
    Last Post: 09-10-2002, 04:02 AM
  4. Did Ebay get hacked?
    By stryder144 in forum General Chat
    Replies: 2
    Last Post: 04-01-2002, 09:14 AM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts