[CentOS] OT: Ping failed (SOLVED)

Bill Campbell centos at celestial.com
Fri Dec 19 01:12:08 UTC 2008


On Thu, Dec 18, 2008, Jun Salen wrote:
>>From what I can see nagios' check_ping monitor executes /bin/ping,
>>in which case you need to make sure /bin/ping is owned by root
>>and is setuid (chmod u+s /bin/ping)
>>
>>nate

>That solved it. Same with file permission with mount, umount, su, and
>ping6. Thank you very much.

If the permissions on /bin/ping were incorrect, it may mean that
your system has been cracked.  You probably should check by
running ``rpm -V iputils'' which will show changes in any files
in the package.

Crackers frequently hack system utilities to hide their presence
on the system, particularly things like /bin/ps, /bin/login,
/bin/netstat (pretty much anything in the /bin, /usr/bin, /sbin,
and /usr/sbin directories).  For a quick list of rpm packages
that might be affected you can do:

rpm -qf /bin/* /sbin/* | sort -u > /tmp/critpackages

Then a quick check for changed files.  This doesn't show the
package names, but that's easy to find with ``rpm -qf fname''.

rpm -V `cat /tmp/critpackages`

Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186

When I hear a man applauded by the mob I always feel a pang of pity
for him.  All he has to do to be hissed is to live long enough.
    -- H.L. Mencken, Minority Report


More information about the CentOS mailing list