conoscenza ha scritto:da terminale prova a lanciare:
1) celestia dando -> /usr/bin/celestia
2) librecad dando -> /usr/bin/librecad
Non li trova!
Codice: Seleziona tutto
unknow[~]$ /usr/bin/celestia
bash: /usr/bin/celestia: File o directory non esistente
unknow[~]$ /usr/bin/librecad
/usr/bin/librecad: line 4: ./librecad: File o directory non esistente
unknow[~]$
mi loggherei come root:
su -
e intanto controllerei che:
cat /var/log/secure
non abbia tracce di attacchi...
E le tracce di attacchi come si riconoscono?
Codice: Seleziona tutto
root@darkstar:~# cat /var/log/secure
Feb 22 23:36:03 darkstar su[2766]: Successful su for root by unknow
Feb 22 23:36:03 darkstar su[2766]: + /dev/pts/0 unknow:root
Feb 23 21:53:36 darkstar su[3028]: Successful su for root by unknow
Feb 23 21:53:36 darkstar su[3028]: + /dev/pts/0 unknow:root
Mar 24 00:37:23 darkstar su[4654]: Successful su for root by unknow
Mar 24 00:37:23 darkstar su[4654]: + /dev/pts/0 unknow:root
Mar 25 14:20:54 darkstar su[4006]: Successful su for root by unknow
Mar 25 14:20:54 darkstar su[4006]: + /dev/pts/0 unknow:root
Mar 26 10:26:15 darkstar su[2843]: Successful su for root by unknow
Mar 26 10:26:15 darkstar su[2843]: + /dev/pts/0 unknow:root
Mar 26 20:43:40 darkstar su[1092]: Successful su for root by unknow
Mar 26 20:43:40 darkstar su[1092]: + /dev/pts/0 unknow:root
Mar 26 20:57:45 darkstar passwd[1330]: pam_unix(passwd:chauthtok): password changed for root
Mar 26 21:20:28 darkstar groupadd[305]: group added to /etc/group: name=cron, GID=16
Mar 26 21:20:28 darkstar groupadd[305]: group added to /etc/gshadow: name=cron
Mar 26 21:20:28 darkstar groupadd[305]: new group: name=cron, GID=16
Mar 26 21:20:28 darkstar useradd[348]: new user: name=cron, UID=16, GID=16, home=/var/spool/cron, shell=/sbin/nologin
Mar 26 21:20:32 darkstar groupadd[962]: group added to /etc/group: name=mail, GID=12
Mar 26 21:20:32 darkstar groupadd[962]: group added to /etc/gshadow: name=mail
Mar 26 21:20:32 darkstar groupadd[962]: new group: name=mail, GID=12
Mar 26 21:20:32 darkstar useradd[1005]: new user: name=mail, UID=8, GID=12, home=/var/spool/mail, shell=/sbin/nologin
Mar 26 21:20:32 darkstar useradd[1047]: new group: name=postmaster, GID=249
Mar 26 21:20:32 darkstar useradd[1047]: new user: name=postmaster, UID=14, GID=249, home=/var/spool/mail, shell=/sbin/nologin
Mar 26 21:20:36 darkstar groupadd[1687]: group added to /etc/group: name=ssmtp, GID=248
Mar 26 21:20:36 darkstar groupadd[1687]: group added to /etc/gshadow: name=ssmtp
Mar 26 21:20:36 darkstar groupadd[1687]: new group: name=ssmtp, GID=248
Mar 26 21:20:48 darkstar groupadd[4226]: group added to /etc/group: name=crontab, GID=247
Mar 26 21:20:48 darkstar groupadd[4226]: group added to /etc/gshadow: name=crontab
Mar 26 21:20:48 darkstar groupadd[4226]: new group: name=crontab, GID=247
Mar 26 21:20:56 darkstar groupadd[5079]: group added to /etc/group: name=locate, GID=246
Mar 26 21:20:56 darkstar groupadd[5079]: group added to /etc/gshadow: name=locate
Mar 26 21:20:56 darkstar groupadd[5079]: new group: name=locate, GID=246
Mar 26 23:27:24 darkstar groupadd[30209]: group added to /etc/group: name=messagebus, GID=245
Mar 26 23:27:24 darkstar groupadd[30209]: group added to /etc/gshadow: name=messagebus
Mar 26 23:27:24 darkstar groupadd[30209]: new group: name=messagebus, GID=245
Mar 26 23:27:24 darkstar useradd[30246]: new user: name=messagebus, UID=101, GID=245, home=/dev/null, shell=/sbin/nologin
Mar 26 23:32:02 darkstar groupadd[8430]: group added to /etc/group: name=ldap, GID=439
Mar 26 23:32:02 darkstar groupadd[8430]: group added to /etc/gshadow: name=ldap
Mar 26 23:32:02 darkstar groupadd[8430]: new group: name=ldap, GID=439
Mar 26 23:32:02 darkstar useradd[8468]: new user: name=ldap, UID=439, GID=439, home=/usr/lib64/openldap, shell=/sbin/nologin
Mar 26 23:42:15 darkstar groupadd[16432]: group added to /etc/group: name=lpadmin, GID=106
Mar 26 23:42:15 darkstar groupadd[16432]: group added to /etc/gshadow: name=lpadmin
Mar 26 23:42:15 darkstar groupadd[16432]: new group: name=lpadmin, GID=106
Mar 27 10:31:45 darkstar su[2721]: Successful su for root by unknow
Mar 27 10:31:46 darkstar su[2721]: + /dev/pts/0 unknow:root
Mar 27 21:43:31 darkstar passwd[6303]: pam_unix(passwd:chauthtok): password changed for root
Mar 27 21:46:35 darkstar useradd[6352]: new group: name=unknow, GID=1000
Mar 27 21:46:35 darkstar useradd[6352]: new user: name=unknow, UID=1000, GID=1000, home=/home/unknow, shell=/bin/bash
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'wheel'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'audio'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'cdrom'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'video'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'usb'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to group 'users'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'wheel'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'audio'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'cdrom'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'video'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'usb'
Mar 27 21:46:35 darkstar useradd[6352]: add 'unknow' to shadow group 'users'
Mar 27 21:47:26 darkstar passwd[6387]: pam_unix(passwd:chauthtok): password changed for unknow
Mar 27 21:51:42 darkstar su[6492]: Successful su for root by unknow
Mar 27 21:51:42 darkstar su[6492]: + /dev/pts/1 unknow:root
Mar 27 23:59:33 darkstar groupadd[13692]: group added to /etc/group: name=firebird, GID=450
Mar 27 23:59:33 darkstar groupadd[13692]: group added to /etc/gshadow: name=firebird
Mar 27 23:59:33 darkstar groupadd[13692]: new group: name=firebird, GID=450
Mar 27 23:59:33 darkstar useradd[13730]: new user: name=firebird, UID=450, GID=450, home=/usr/lib64/firebird, shell=/bin/bash
Mar 28 12:33:47 darkstar su[2730]: Successful su for root by unknow
Mar 28 12:33:47 darkstar su[2730]: + /dev/pts/0 unknow:root
Mar 28 14:12:15 darkstar su[8995]: Authentication failed for root
Mar 28 14:12:15 darkstar su[8995]: FAILED su for root by unknow
Mar 28 14:12:15 darkstar su[8995]: - /dev/pts/1 unknow:root
Mar 28 14:12:28 darkstar su[11296]: Successful su for root by unknow
Mar 28 14:12:28 darkstar su[11296]: + /dev/pts/1 unknow:root
Mar 28 21:24:31 darkstar su[8426]: Successful su for root by unknow
Mar 28 21:24:31 darkstar su[8426]: + /dev/pts/0 unknow:root
Mar 29 14:19:30 darkstar su[5752]: Successful su for root by unknow
Mar 29 14:19:30 darkstar su[5752]: + /dev/pts/0 unknow:root
Mar 29 14:44:29 darkstar su[6116]: Successful su for root by unknow
Mar 29 14:44:29 darkstar su[6116]: + /dev/pts/0 unknow:root
Mar 29 18:21:23 darkstar su[15987]: Successful su for root by unknow
Mar 29 18:21:23 darkstar su[15987]: + /dev/pts/1 unknow:root
Apr 1 22:54:05 darkstar su[3408]: Successful su for root by unknow
Apr 1 22:54:05 darkstar su[3408]: + /dev/pts/0 unknow:root
Apr 2 22:09:34 darkstar su[4082]: Successful su for root by unknow
Apr 2 22:09:34 darkstar su[4082]: + /dev/pts/0 unknow:root
Apr 3 23:03:49 darkstar su[3249]: Successful su for root by unknow
Apr 3 23:03:49 darkstar su[3249]: + /dev/pts/0 unknow:root
Apr 4 00:54:01 darkstar su[3503]: Successful su for root by unknow
Apr 4 00:54:01 darkstar su[3503]: + /dev/pts/0 unknow:root
Apr 4 00:56:04 darkstar su[3548]: Successful su for root by unknow
Apr 4 00:56:04 darkstar su[3548]: + /dev/pts/1 unknow:root
Apr 6 22:00:07 darkstar su[4715]: Successful su for root by unknow
Apr 6 22:00:07 darkstar su[4715]: + /dev/pts/0 unknow:root
Apr 6 23:20:12 darkstar su[2959]: Successful su for root by unknow
Apr 6 23:20:12 darkstar su[2959]: + /dev/pts/0 unknow:root
Apr 7 22:03:29 darkstar su[3639]: Successful su for root by unknow
Apr 7 22:03:29 darkstar su[3639]: + /dev/pts/0 unknow:root
root@darkstar:~#
poi farei un comando tipo:
cat /proc/kmsg >> /home/<nome_utente>/Scrivania/kernel
(non so se a te si chiama Scrivania o Desktop)
che ti crea e salva un log in continua delle operazioni che esegue un kernel per capire se è un problema che può dipendere da esso...
Ma è un'operazione lunga?
Ho dato il comando già da un po' e lui non mi restituisce la linea.
e intanto aggiornerei kernel e versione!
In GSlapt non vedo un nuovo kernel. Non sarebbe più coerente attendere che venga reso disponibile in GSplat?
ps: ritornando in topic, premi o e col tab controlla il listato...
me lo posteresti?
Se premo "o" scrivo "oooooo...." e premere il tab non mi da niente.
Sicuro di aver scritto bene?