reezin14

I just received this message a few minutes ago, I'm I being probed/attacked(what I'm thinking)or is this just a glitch with the software? I installed Fedora 11 2 days ago.TIA + rep for helpful post.

Attached Thumbnails

   

__________________
Q6600@3.9
http://valid.x86-secret.com/show_oc.php?id=383427

blooder11181

what anti virus are you using?
and the firewall is active

__________________

Dawlish7

This is linux mate, it looks like se linux is blocking maybe in intruder or software searching your home etc, i hate se linux personally but have you installed anything recently

__________________
R.I.P - XAslanX Amigos

reezin14

Just the updates, that I downloaded when I first installed. BTW I use clam anti-virus(which wasn't active..... but now is). You don't like se huh,is there something else I can use instead?

__________________
Q6600@3.9
http://valid.x86-secret.com/show_oc.php?id=383427

Hueristic

Looks like a spider to me, I'm no linux head but I would say whatever it is was probing and you blocked it.

I wouldn't be worried about the c1a.net, it's probally spoofed. BTW if the gov was checking you out it would be the n$a. And you would more than likely see all your traffic being redirected from your isp through las alemos.

__________________
I seldom argue my advice, It's free take it or leave it. READ this thread before starting your first build!!!
ALWAYS power up a Mobo Before installing it! Consider Less than helpful posts as Free Bumps.
¡¡¡ʍʇɟ qn1ɔ uoıʇɐıɔǝɹddɐ 939 ʇǝʞɔos ǝɥʇ:
OCN's October Foldathon Prizes Thread Retro Rulez
This goes without saying but
1. If you can't afford to lose it don't mod or OC it.
2. At least read the OP before commenting.
Semper Fi

Dawlish7

I would keep whats active and working but with linux you wont need an anti virus, i personally dont use any internet security accept for spybot search and destroy on windows, but i have years of pure luck under my belt, i think after a while of blocked they will give up or move on, thank you for the rep

__________________
R.I.P - XAslanX Amigos

Mr Pink57

From what little I've read about what Gconf is it's a daemon for gnome to auto applies new settings to apps. My guess is it does not have root priv and failed to update something.

pink

__________________
http://valid.canardpc.com/show_oc.php

reezin14

LOL not @ you though,CIA is just part of my naming convention for my network.NSA is my server,and there is also FBI,MI-6,KGB,and CTU in the mix.

Yeah,I started a daemon on my server to sync certain files today,so I think that's what's going on here.I'm not 100% sure so I'll keep an eye on it.

Thanks all for the info guys. + 1 all.

__________________
Q6600@3.9
http://valid.x86-secret.com/show_oc.php?id=383427

BLinux

i don't think this is any indication of an attack really. there are several possibilities that could result in this, but this is what i think is most likely:

Did you recently apply an update that involved the SELinux targeted policies? If so, the developers may have made some improvements or updates to the policy and some of the security contexts of files need to be changed accordingly. When you update the policy, it doesn't automatically update the security context of all the files in the system, especially not files in home directories. You can usually correct this type of situation by doing the following:

1. Edit /etc/sysconfig/selinux and disable SELINUX (for now)
2. Reboot without SELinux running.
3. Now, as root, run 'fixfiles relabel' and give it some time to complete.
4. Next, edit /etc/sysconfig/selinux again and enable SELinux
5. Reboot again with SELinux running

Now go about your usual business. If the error appears again, post it again. The 'fixfiles' command will reset all the security context of all files to what *should* be appropriate based on the new file context policy. The steps above typically fix problems after SELinux policies have been changed/updated.

Another possibility is that a updated SELinux policy has an error in it. This is not uncommon, but usually if enough folks complain a new update to fix it will be released soon.

thiussat

Not an attack. It's just gconf trying to access something that wasn't predefined in the SELinux policy. This sometimes happens. The instructions of how to fix it are in the message itself.

BTW, did you modify the SELinux policies in any way? If you don't know exactly what you're doing, you shouldn't mess around with the policies.

__________________

Secure Your Network With Tomato Linux Vs. Windows Security Think You Can Brute Force Long Passwords? Linux File Permissions HOWTO Secure Ubuntu With AppArmor

"I can't bring myself to try Linux Mint because they keep naming the OS after ex-girlfriends or women I've had bad run ins with. Cassandra was a sexual harassing shift manager. And Felicia was a stalker who knew how to turn a good day into a hellish experience in 0-60." -- Anub1s from BBR forums