[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
I was looking through my /var/log/secure file this
evening on my FC5 system. I noticed, in addition to
myself and the one other user on the system, that a
number of sessions had been opened by a user named
"beagleindex." It's opening a shell of /bin/false,
which tells me that it's not a person but a program.
I did some checking on Google and near as I can tell,
it appears to be some kind of SuSE RPM which is
designed for searching. One site said that it
"ransacks personal data" which frankly kind of creeped
me out. I have only recently learned to read log files
and can't always tell the malevolent from the benign.
What I can't find, however, is any web resource which
will tell me exactly what beagleindex is, what it's
searching for, why it's opening sessions with root
access, or how it got on my system. (I never saw this
with my FC4 installation.) I'm concerned that this may
be an indication that someone broke into my system and
installed a data miner of some kind. Is there any
truth to this fear and if so, what do I do about it?
vox-tech mailing list