This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: What does this look like to you folks?


On Mon, Sep 27, 2010 at 11:26 PM, SJ Wright <sjwright68@charter.net> wrote:
> SJ Wright wrote:
>>
>> First, a little background:
>>
>> In quite a few previous edits of my .bash_aliases file, I've used the same
>> alias to cd to a particular folder. Tonight I typed it in and got the
>> following as a return:
>>>
>>> [/cygdrive/c/blu/newest]
>>> mintty-cygwin>>smith
>>> + laugh
>>> + pwd
>>> /cygdrive/c/blu/newest
>>> + cd /cygdrive/c/taiga/
>>> + pwd
>>> /cygdrive/c/taiga
>>> + cd /cygdrive/c/taiga
>>> [/cygdrive/c/blu/newest]
>>
>> When I went to view .bash_aliases in nano, the alias 'smith' (changed at
>> my prerogative for discussion on this list) was missing. As far as I know,
>> it was there as recently as 5 AM today; I believe I used it around noon
>> today (27 September) as well.
>>
>> Should I be worried? I've never heard of Cygwin being a target for ?--the
>> precise term escapes me at the moment so I'll say-- this kind of intrusion,
>> if that's what it is. ?As for potential "routes in," I have sshd running on
>> cygrunsrv but nothing else. Time to change my login password, maybe?
>>
>> Steve W.
>>
>> --
>>
> Of course, I edited the path for the alias back into .bash_aliases (didn't
> want to give up the convenience, after all) but was prudent enough to use
> another word than "smith" for it. {Think first Duke of Marlborough.}
>
> SJW
>

Hello!
Well I ran Google on that term, and came up with the Wikipedia page.
((Which I won't cite here.)) But don't you mean Mr Churchill the PM
actually? (He also was entitled to use that entry into the peerage.)

You may not have anything to worry about, however I am not a security
expert as far as Cygwin goes, I'm more of a user on it, and even on
Linux.

I do suggest you change your passwords for both that system and for the SSH one.

If that's not possible then make it impossible for the system to be
reached that way online via SSH.
-----
Gregg C Levine gregg.drwho8@gmail.com
"This signature fought the Time Wars, time and again."

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]