Date: Sun, 27 Jun 1999 19:29:12 +1000 (EST) From: Keith Anderson <keith@apcs.com.au> To: questions@freebsd.org, security@freebsd.org Subject: Whats going on please Message-ID: <XFMail.990627192912.keith@apcs.com.au>
next in thread | raw e-mail | index | archive | help
Hi All I just noticed someone hacking. what has happend ? any help would be great. I have whats like a new kernel> I am the keith@work.xxx.com.au I have turned off all telnet/ssh/smtp/pop for now <snip> root@137~#uname -a FreeBSD 137.132.85.96 3.1-RELEASE FreeBSD 3.1-RELEASE #3: Wed Mar 31 14:59:17 EST 1999 keith@work.xxx.com.au:/usr/src/sys/compile/WORK i386 </snip> what is the '137.132.85.96' or who it should be work.xxx.com.au I have in /var/log/messages <snip> Jun 27 19:13:41 work sshd[3005]: fatal: Local: Sorry, you are not allowed to connect. Jun 27 19:18:24 work telnetd[3014]: refused connect from compl-r4.iscs.nus.sg Jun 27 19:18:26 work telnetd[3015]: refused connect from compl-r4.iscs.nus.sg </snip> and <snip> Jun 27 17:06:59 work popper[1550]: @compl-r4.iscs.nus.sg: -ERR POP EOF received Jun 27 17:07:00 work popper[1552]: @compl-r4.iscs.nus.sg: -ERR POP EOF received Jun 27 17:07:03 work popper[1553]: @compl-r4.iscs.nus.sg: -ERR POP EOF received Jun 27 07:09:04 work dnsserver: gethostby*.gethostanswer: asked for "exnjld4avip.doubleclick.net", got "exnjld3avip. doubleclick.net" Jun 27 17:10:05 work popper[1579]: (v2.53) Unable to get canonical name of client, err = 0 Jun 27 17:12:40 work inetd[145]: ident/tcp: No such user 'kmem', service ignored Jun 27 17:17:06 work popper[1637]: (v2.53) Unable to get canonical name of client, err = 0 Jun 27 17:18:47 work popper[1640]: @compl-r4.iscs.nus.sg: -ERR POP EOF received Jun 27 17:18:48 work popper[1642]: @compl-r4.iscs.nus.sg: -ERR POP EOF received Jun 27 17:18:48 work popper[1643]: @compl-r4.iscs.nus.sg: -ERR POP EOF received </snip> Hope you can help Thanking you Keith A "The box said 'Requires Windows 95, NT, or better,' so I installed FreeBSD." ** The thing I like most about Windows 98 is... ** You can download FreeBSD with it! ---------------------------------- E-Mail: Keith Anderson <keith@apcs.com.au> Australia Power Control Systems Pty. Limited. Date: 27-Jun-99 Time: 18:59:43 Satelite Service 64K to 2Meg This message was sent by XFMail ---------------------------------- What's the similarity between an air conditioner and a computer? They both stop working when you open windows. ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990627192912.keith>