[CentOS] samba & samba-common installed then erased, but by whom?

Johnny Tan

linuxweb at gmail.com
Fri May 16 15:47:42 UTC 2008


I saw this in Logwatch today for one of my servers:

  --------------------- yum Begin ------------------------


  Packages Installed:
     samba-common.i386 3.0.23c-2.el5.2.0.2
     samba.i386 3.0.23c-2.el5.2.0.2

  Packages Erased:
     samba-common
     samba

  ---------------------- yum End -------------------------

No one, including myself, has even logged into this box in 
the past few days (verified by asking the only other two 
people who have access and also looking at the last & secure 
logs).

And neither /var/log/yum.log nor /var/log/rpmpkgs shows samba 
at all being installed/erased/present.

I ran both chkrootkit and rkhunter, and both turned up clean.

Since this box is behind a firewall with only a few IPs 
given access to it, I'm thinking that it's not been rooted, 
but I can't seem to find any other explanation for this.

The only thing that runs on this server is httpd and jetty. 
Everything else is done manually including yum updates. And 
nothing that runs on this machine would ever need samba.

Has anyone ever encountered something like this?

johnn
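
The cross-check described in the post (Logwatch's yum section versus /var/log/yum.log), as an added example that is not part of the original message. The yum.log line layout, the sample log lines and all function names are assumptions made for illustration.

```python
import re

# Constructed sample: the yum section of the Logwatch mail quoted in the post.
LOGWATCH_YUM = """\
 --------------------- yum Begin ------------------------
 Packages Installed:
    samba-common.i386 3.0.23c-2.el5.2.0.2
    samba.i386 3.0.23c-2.el5.2.0.2
 Packages Erased:
    samba-common
    samba
 ---------------------- yum End -------------------------
"""
# Constructed yum.log text; the "Mon DD HH:MM:SS Action: package" layout is assumed.
YUM_LOG = """\
May 02 10:11:12 Updated: httpd.i386 0.0.0-0.example
May 02 10:11:15 Installed: samba-client.i386 0.0.0-0.example
"""

ARCH = re.compile(r"\.(i[3-6]86|x86_64|noarch)$")
ENTRY = re.compile(r"^\w{3}\s+\d+\s+[\d:]{8}\s+(Installed|Updated|Erased): (\S+)")

def parse_logwatch_yum(text):
    """Return (action, package name) pairs from a Logwatch yum section."""
    pairs, action = [], None
    for line in text.splitlines():
        header = re.match(r"\s*Packages (Installed|Updated|Erased):", line)
        if header:
            action = header.group(1)
        elif action and line.strip() and not line.strip().startswith("-"):
            pairs.append((action, ARCH.sub("", line.split()[0])))
    return pairs

def yum_log_actions(log_text):
    """Return the set of (action, package name) pairs recorded in yum.log text."""
    found = set()
    for line in log_text.splitlines():
        entry = ENTRY.match(line)
        if entry:
            found.add((entry.group(1), ARCH.sub("", entry.group(2))))
    return found

def unexplained(report_text, log_text):
    """Reported package actions that have no matching yum.log entry."""
    logged = yum_log_actions(log_text)
    return [pair for pair in parse_logwatch_yum(report_text) if pair not in logged]

if __name__ == "__main__":
    print(unexplained(LOGWATCH_YUM, YUM_LOG))
```

Feeding it the concatenated text of the current and rotated yum.log files widens the search beyond the live log.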


