richardfromhinckley

Q: Very Confused

Rootkit hunter says the following

 

warning suspicious:

/dev/fd/6 data

/dev/fd/7 data

 

However, if I try to visit the FD directory, there is no entry 6 or 7. What is going on?

iMac, Mac OS X (10.6.7)

Posted on Apr 23, 2011 4:58 PM

  • by richardfromhinckley,

    richardfromhinckley richardfromhinckley Apr 25, 2011 11:10 AM in response to etresoft
    Level 1 (0 points)

    Thanks again, everyone, for your help. After leaving Windows for this, my first Mac, you can hopefully forgive me for being used to security issues.

  • by MrHoffman,

    MrHoffman MrHoffman Apr 25, 2011 5:53 PM in response to richardfromhinckley
    Level 6 (15,612 points)
    Mac OS X

    If you want a security problem?

     

    • Avoid regular backups, and don't maintain an archive of older backups.
    • Don't have reasonable file-level security.
    • Open IP ports all over the place.
    • Definitely don't have solid passwords and password filters, and certainly avoid using certificate-based logins.
    • Always use ftp and telnet, and avoid ssh and sftp.
    • Download and authenticate random stuff.
    • Download plugins claimed to be security tools or fixes, and anything claiming to be a video codec.
    • Make sure you have a down-revision web content management system or writeable web directories.
    • Don't have a decent firewall at the edge of your network.
    • Run unencrypted wireless.

     

    That is how you ensure you have security problems. 

     

    Rootkit detection tools?  Anti-virus and anti-malware tools?  In the event you are targeted and are breached, then you've probably made one or more mistakes, and your path back is likely going to be those backups.

     

    Security isn't magic pixie dust.  It's basic steps, basic management, those backups, and making sure that you're not an easy target.

  • by richardfromhinckley,

    richardfromhinckley richardfromhinckley Apr 27, 2011 6:25 AM in response to MrHoffman
    Level 1 (0 points)

    Well, I don't do any of that; however, I have noticed something unusual in the Network Activity window.

     

    Packets in / out is nearly 1:1 in ratio, yet the received / send me is 11.4 / 3.2 mb? How is that possible?

     

    http://localhostr.com/file/tMWbFHC/Screen%20shot%202011-04-27%20at%2014.18.20.png screenshot

  • by etresoft,

    etresoft etresoft Apr 27, 2011 6:36 AM in response to richardfromhinckley
    Level 7 (29,081 points)

    Your incoming packets are likely to be filled with data and images. Your outgoing packages are likely to be filled with ACK or get requests.
