I'm trying to diagnose a problem on a client's SCO PC running
Release 3.2v4.2 KernelID 93/04/28. A file mv'd by a cron script
instead becomes hard-linked. This cannot be duplicated outside
of cron. That hacker tampering has somehow caused this is one
possibility. Several systems, including this one, in the same subnet
have been hacked, and a packet sniffer was discovered on a server run
by the sponsoring university was recently discovered.
But is filesystem corruption a possible cause? I'd hate to have to
tell the client he'll have to re-install without being sure. The
system was re-installed from source after the prior attack. The binary
for ln, rm, mv and mvdir has been replaced.
Also, I'm rarely in this group. So an e-mail response would be
preferred. I'd be happy to post any answers.