Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

weird directories in /root

From: "Tarek W." <tarek () cyberia net lb>
Date: Tue, 04 Sep 2001 04:40:32 +0300
Has anyone seen this before?

<snip>
[root@bigbang /root]# ls -a
.               .gnome-help-browser               .tcshrc
..              .gnome_private                    testdir0
.bash_history   .gnupg                            testdir1
.bash_logout    .gqviewrc                         testdir2
.bash_profile   .ICEauthority                     testdir3
.bashrc         .mc                               testdir4
.cddbslave      .MCOP-random-seed                 testdir5
core            .netscape                         testdir6
.cshrc          nsmail                            .xauth
.ee             .rpmfind                          .Xauthority
.esd_auth       .rpmfinddir                       .xchat
.gftp           .saves-1005-bigbang.localdomain~  .xmms
.gnome          .saves-1025-bigbang.localdomain~  .Xresources
.gnome-desktop  .sawfish
[root@bigbang /root]# ls -a testdir0
.                  010abcdefghijklmn  022abcdefghijklmn  034abcdefghijklmn
..                 011abcdefghijklmn  023abcdefghijklmn  035abcdefghijklmn
000abcdefghijklmn  012abcdefghijklmn  024abcdefghijklmn  036abcdefghijklmn
001abcdefghijklmn  013abcdefghijklmn  025abcdefghijklmn  037abcdefghijklmn
002abcdefghijklmn  014abcdefghijklmn  026abcdefghijklmn  038abcdefghijklmn
003abcdefghijklmn  015abcdefghijklmn  027abcdefghijklmn  039abcdefghijklmn
004abcdefghijklmn  016abcdefghijklmn  028abcdefghijklmn  dir
005abcdefghijklmn  017abcdefghijklmn  029abcdefghijklmn  lin
006abcdefghijklmn  018abcdefghijklmn  030abcdefghijklmn  rename1
007abcdefghijklmn  019abcdefghijklmn  031abcdefghijklmn  sym
008abcdefghijklmn  020abcdefghijklmn  032abcdefghijklmn
009abcdefghijklmn  021abcdefghijklmn  033abcdefghijklmn
[root@bigbang /root]# ls -a testdir0/dir/
.  ..
[root@bigbang /root]# ls -a testdir0/lin/
.  ..
[root@bigbang /root]# ls -a testdir0/sym/
.  ..  001
[root@bigbang /root]# ls -l testdir0/
total 688
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 000abcdefghijklmn
-rw-rw-rw-    1 root     root        16384 Aug 29 20:21 001abcdefghijklmn
-rw-rw-rw-    1 root     root        40960 Aug 29 20:21 002abcdefghijklmn
-rw-rw-rw-    1 root     root        32768 Aug 29 20:21 003abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 004abcdefghijklmn
-rw-rw-rw-    1 root     root        49152 Aug 29 20:21 005abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 006abcdefghijklmn
-rw-rw-rw-    1 root     root        40960 Aug 29 20:21 007abcdefghijklmn
-rw-rw-rw-    1 root     root         8192 Aug 29 20:21 008abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 009abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 010abcdefghijklmn
-rw-rw-rw-    1 root     root        24576 Aug 29 20:21 011abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 012abcdefghijklmn
-rw-rw-rw-    1 root     root        24576 Aug 29 20:21 013abcdefghijklmn
-rw-rw-rw-    1 root     root        16384 Aug 29 20:21 014abcdefghijklmn
-rw-rw-rw-    1 root     root        49152 Aug 29 20:21 015abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 016abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 017abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 018abcdefghijklmn
-rw-rw-rw-    1 root     root        40960 Aug 29 20:21 019abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 020abcdefghijklmn
-rw-rw-rw-    1 root     root         3072 Aug 29 20:21 021abcdefghijklmn
-rw-rw-rw-    1 root     root        24576 Aug 29 20:21 022abcdefghijklmn
-rw-rw-rw-    1 root     root        32768 Aug 29 20:21 023abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 024abcdefghijklmn
-rw-rw-rw-    1 root     root        24576 Aug 29 20:21 025abcdefghijklmn
-rw-rw-rw-    1 root     root         3072 Aug 29 20:21 026abcdefghijklmn
-rw-rw-rw-    1 root     root        24576 Aug 29 20:21 027abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 028abcdefghijklmn
-rw-rw-rw-    1 root     root        16384 Aug 29 20:21 029abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 030abcdefghijklmn
-rw-rw-rw-    1 root     root         3072 Aug 29 20:21 031abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 032abcdefghijklmn
-rw-rw-rw-    1 root     root         1024 Aug 29 20:21 033abcdefghijklmn
-rw-rw-rw-    1 root     root         8192 Aug 29 20:21 034abcdefghijklmn
-rw-rw-rw-    1 root     root        49152 Aug 29 20:21 035abcdefghijklmn
-rw-rw-rw-    1 root     root        32768 Aug 29 20:21 036abcdefghijklmn
-rw-rw-rw-    1 root     root        16384 Aug 29 20:21 037abcdefghijklmn
-rw-rw-rw-    1 root     root        40960 Aug 29 20:21 038abcdefghijklmn
-rw-rw-rw-    1 root     root         2048 Aug 29 20:21 039abcdefghijklmn
drwxrwxrwx    2 root     root         4096 Aug 29 20:21 dir
drwxrwxrwx    2 root     root         4096 Aug 29 20:21 lin
-rw-rw-rw-    1 root     root            0 Aug 29 20:21 rename1
drwxrwxrwx    2 root     root         4096 Aug 29 20:21 sym
</snip>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: