since it was asked the title bar had something innappropriate(eg vulgar) displayed in it. I forgret exactly what now.<br><br><div><span class="gmail_quote">On 8/22/06, <b class="gmail_sendername">Caleb Cushing</b> <<a href="mailto:xenoterracide@gmail.com">
xenoterracide@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div>very strange.... it seems to have gone away... but I don't like it. it appears that it might be my windows box that's been comprimized (the one i'm running putty on)... to soon to tell I think when I get home I need to review some logs. I've already changed my password for my login from a different terminal.
</div><div><span class="e" id="q_10d3723936b3857b_1"><br><br><div><span class="gmail_quote">On 8/22/06, <b class="gmail_sendername">Clay Dowling</b> <<a href="mailto:clay@lazarusid.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
clay@lazarusid.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>Caleb Cushing said:<br>> no... it reads a some sort of a DNS hostname.domainname record. but I'm<br>> not<br>> sure how it determines that. could be localsetting could be forward lookup<br>> reverse lookup. am I missing anything? how would I determine.
<br><br>It's possible for a hacked server to lie to you about this. Xterm allows<br>the setting of the title bar, and PuTTy supports this feature. There's an<br>option under the PuTTy Windows settings to control this.<br>
<br>><br>> On 8/22/06, Charles Ulrich < <a href="mailto:charles@idealso.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">charles@idealso.com</a>> wrote:<br>>><br>>> Caleb Cushing wrote:
<br>>> > when using putty to ssh where does it get the info from that's in the
<br>>> > title bar? seems I've been cracked. I need to be more paranoid. but<br>>> > first I need to figure out how much damage was caused.<br>>><br>>> At a guess, it's probably reading the escape sequences mentioned here:
<br>>><br>>><br>>> <a href="http://www.tldp.org/HOWTO/Bash-Prompt-HOWTO/xterm-title-bar-manipulations.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.tldp.org/HOWTO/Bash-Prompt-HOWTO/xterm-title-bar-manipulations.html
</a><br>>> --
<br>>> Charles Ulrich<br>>> Ideal Solution, LLC -- <a href="http://www.idealso.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.idealso.com</a><br>>><br>> _______________________________________________
<br>> linux-user mailing list
<br>> <a href="mailto:linux-user@egr.msu.edu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">linux-user@egr.msu.edu</a><br>> <a href="http://mailman.egr.msu.edu/mailman/listinfo/linux-user" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://mailman.egr.msu.edu/mailman/listinfo/linux-user</a><br>><br><br>
<br>--<br>Simple Content Management<br><a href="http://www.ceamus.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.ceamus.com</a><br><br>_______________________________________________
<br>linux-user mailing list<br><a href="mailto:linux-user@egr.msu.edu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
linux-user@egr.msu.edu</a><br><a href="http://mailman.egr.msu.edu/mailman/listinfo/linux-user" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://mailman.egr.msu.edu/mailman/listinfo/linux-user
</a><br></blockquote></div><br>
</span></div></blockquote></div><br>