Security Warning:

Deken · 4 dec 2014

Eens per dag krijg het volgende bericht op de "/Root/var/log/security" folder
Ik gebruik slechts 1 PC (Mageia = Ex-Mandriva) zonder lokaal netwerk maar wel verbonden met het internet

04 11:33:04 Mandy diff: Security Warning: change in processes with open network ports found :
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : tcp 0 0 *:ipp *:* LISTEN cupsd
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : tcp 0 0 *:ipp *:* LISTEN cupsd
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : udp 0 0 *:ipp *:* cups-browsed
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : udp 0 0 *:35449 *:* avahi-daemon: r
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : udp 0 0 *:12687 *:* dhclient
Dec 04 11:33:04 Mandy diff: - Added processes with open network ports : udp 0 0 *:53591 *:* dhclient
Dec 04 11:33:04 Mandy diff: - Removed processes with open network ports : udp 0 0 *:48340 *:* avahi-daemon: r
Dec 04 11:33:04 Mandy diff: - Removed processes with open network ports : udp 0 0 *:3403 *:* dhclient
Dec 04 11:33:04 Mandy diff: - Removed processes with open network ports : udp 0 0 *:1427 *:* dhclient
Dec 04 11:33:04 Mandy diff:
Dec 04 11:33:04 Mandy diff: Security Warning: change in local groups found :
Dec 04 11:33:04 Mandy diff: - Added local groups : lpadmin

Graag meer uitleg Dank U.

wampier · 4 dec 2014

Blijkbaar maak je elke dag je printerdefinities opnieuw aan of iets dergelijks. zowel cups as lpadmin zijn printergerelateerd

manamana · 4 dec 2014

In aanvulling op wampier misschien hier even naar toe. find printers to print to...., or find files being shared enz enz http://avahi.org/

Zou het malware kunnen zijn. Die daemon bevalt me niet?

c:\windows of c:\windows\system32 kijk daar eens of er ergens een daemon.exe bevind

Sommige malware camoufleert zichzelf als daemon.exe

Het is immers een security warning.

Mik Zjegger · 4 dec 2014

The service-discovery-applet allows you to discover available services on the network and connect easily.

Lees deze info even. (Eng)

Deken · 5 dec 2014

Dank U voor het avahi bericht.
Gelezen, maar mijn linux kennis is onvoldoende om de inhoud volledig te begrijpen. Daar wordt nog duchtig aan gewerkt.
Mag ik aannemen dat deze "warning" niet onrustwekkend is?.

manamana · 5 dec 2014

Je werkt niet lokaal.

Please remember, that we do no recommend using nss-mdns in this way. Why? Firstly, because the conflict resolution protocol of mDNS becomes ineffective. Secondly, because due to the "merging" of theses zones, DNS RRs might point to wrong other RRs. Thirdly, this can become a security issue, because information about the mDNS domain .local which is intended to be link-local might leak into the Internet. Fourthly, when you mistype host names from .local the long mDNS timeout will always occur. Fifthly it creates more traffic than necessary. And finally it is really ugly.

Bron. http://avahi.org/wiki/AvahiAndUnicastDotLocal

Security Warning:

Deken

Gebruiker

wampier

Meubilair

manamana

Inventaris

Mik Zjegger

Moderator

Deken

Gebruiker

manamana

Inventaris

Nieuwste berichten

Wij waarderen jouw privacy