From owner-freebsd-security Tue Mar 27 6:36:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from turtledawn.blackhelicopters.org (mag.gltg.com [198.88.118.10]) by hub.freebsd.org (Postfix) with ESMTP id 65B0737B71D for ; Tue, 27 Mar 2001 06:36:40 -0800 (PST) (envelope-from mwlucas@turtledawn.blackhelicopters.org) Received: (from mwlucas@localhost) by turtledawn.blackhelicopters.org (8.11.3/8.11.3) id f2REam100971; Tue, 27 Mar 2001 09:36:48 -0500 (EST) (envelope-from mwlucas) Date: Tue, 27 Mar 2001 09:36:48 -0500 From: Michael Lucas To: Eric Anderson , security@freebsd.org Cc: mlucas@gltg.com Subject: Re: fakename.fakedomain.com security check output Message-ID: <20010327093648.A664@gltg.com> References: <200103270301.f2R311d01171@fakename.fakedomain.com> <3AC0A414.BCA07468@centtech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3AC0A414.BCA07468@centtech.com>; from anderson@centtech.com on Tue, Mar 27, 2001 at 08:30:44AM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Seriously, I have no idea. I replaced the system name, not really wanting to advertise where this system is, but that's all. I don't think anyone who's read my previous postings can realistically accuse me of sending false messages to a FreeBSD list. On Tue, Mar 27, 2001 at 08:30:44AM -0600, Eric Anderson wrote: > Give us a break. > > > > "fakename.fakedomain.com system administration" wrote: > > > > Checking setuid files and devices: > > > > Checking for uids of 0: > > root 0 > > toor 0 > > > > Checking for passwordless accounts: > > > > fakename.fakedomain.com kernel log messages: > > > \^B\^P \^P\^P\^A@\^B\^B\M^@\^B\^A@ \^D\^A@\^T\M^@@\^D\^D\M^@\^A \^A\^D \^H\^H\^A\^A\^D\M^P\M^@@\^P\^P\^B\^A\^B\^D\^P\M^@@\^A\M^B \^D@\^P @\^A@\^P@@\M^@\M^@\^P\^P\^A\^D\^H\^H\^D\^D\^D\M^@ \^P@@\^P\^A\^A\^A@\^D\M^@"@\^P\^PhA\M^@PA @ \^AA\^B\M^@\^D\^D\M^@P\^P@\^P\^A\M^@\^A\^B@\^H\^B\M^@\^E\^A\^P\^H\^B\^A\^H\^H \M^@\^D\^H\M^@\^P\^P\^H\^B\^DH\^A\^D \^D\^X\^A \^D \^H@\^D@ \^D\^A\^D\M^@\^P\^A\^H\^A@\^A\^D\M^@\^D\^A\M-@\M^@\^A\M^@\^H\^D \^H \^P\^R\^A\^D\M^@\^B@\^B\^A@!\M^P\^A\^A > > > \M^@ \^B\M^@\M^@\^P \M^@@\M^@\^A\^P\^D\^P\M^A@\^Q\^A\^B\^B\^B@\^D@\^H\^D \^H@\^D\240\M^@\^B\^H\^D\^D\^B\^H\^B@@ > > > \^P\^D"\^B\^H \^B\^B\^D\^B\M^@\^P\^D\^H\^D\M^P \^A@\^B\^D\^D\^H\^D \M^@\^B\^A\^D\M^@\^AP\^A\^A\^P\^B \M^@\^L\^H\M^@L\^H\^P \^H\M^@\M^@\^H\M^@\^D@\^P@ > > > \^H\^A > > > \^D@\^H\^BP\^D \^D\^P\^B\M^P\^A\^A@\^D\^P@@\^H\^H\M^@P\^A\^DP\M^@\^A\^L\^A\M^@@\^B\^D\^H\^B\^D\^A\^P(\M^@\^P\^H \^D\^E\M^@\M^@\^H\^P\^K\^H@\^D\^H\^Y@\^B\^P\^X \^R@\M^@\M^D\^B\^H@\M^@\^D@ \^P\M^@\^B\^D\^B\^D\M^P \^B\^P@\^H\^D\^X\M^@\^A\^H@\M^@\^D \^H\^H@\^PC\^D \^P@\^B\^B\^H\^A@\^A\M^@ \M^@ \^H\^D \^H\^P\^A\^B\^B\^A@@\^H\^P@\M^@\^B@\^B\^T\^B\^P\^B\M^@\^B\M^@\^PA@\^P \^B\^P\^A@\^P\M^@@@ @\^D\^T\M^@\^D\^B\^A\^B \^H\^H\M^@\^P@\^H \^A\^D\^D \^A\^A\^B\^P\^F\^D\^D\^D\^H\^D \^H $ \^B"@\M^P\^A\^P\^B\M^B\M^@\^P\^A\^D\^P(\^H\M^@@ \^P\^P\^A"@\M^@\^B\^B\^T\240\^D\M^@\^D\M^@ \M^@\^P\^D\^P\M^@\^H\^P > > > \M^@\^P @\^B\^B\M^H\^A"\^A@@\^P\M^D\^B\^B\^B\^D @\^A\^H\^H\M^@\^A@\^D\^A\^P \^A\^A\^H!\^B@\M^@\^B \^H\^C\^H\240\M^@@\^P \^P\^P \^B\^B\^P\^H\^P\^P \^D\^D\^D\^D \M^@\^H\^D\^A\^H\^A\^H\^D\^D\^P\M^@\^H\^P@\M^@\M^@\^B\^P"\M^@*\^H @\240\^D \^A \M^@\^P$\^E@@\^A\^AD@\^D\M^@\^B\M^@\^A\^B\^P\^Q\M^@ \^B@\^B\M^@\^P\^P \^A\^B\M^@\^D\M^D\^A(\M^@\M^@@\^P\^P\M^@\M^@\^B\^H\M^H@@\^A@\^P\^L\240\^H\^B @\M^@\M^A\^L@\^D@\M^A\^A \M^@(\^B\^B\^B\^D\^A\M^@@\^P@\^P \^P @\^B\M^@\^B@\M^@\^D \^H\^A\M^C\^D\^A\M-@\^B\^B@ \^A\^A \^D\^N\^L\^H\^D@\^B\^A\^H\^B\^B\^P\^H" \M^@P\^P\^P!\M^@ \^H`\^P\^H\^B\M^A\^B\^P\^B\^H\M^@\^P\^B\^H\^B\^P\^A\M^@\^D@\^B \M^@@\^H\^A\^A\^B\^H\^B@\^A\^A\^H\^L\^B@\^P @ @@\^P\^P\^H\^P\^E\^D\^A\^D\^P\240\^B\^P\^H \^P\M^D \^D \^P\^P\^A\^B\M^@\M^@\^D\^A\^H\M^@\^B@\M^@ > > > \^P\M^@ \^D\^H\^B\^A\^A\^H\M^@\^P \^D P\M^P \M^@\^H\^Q\^H \^P \^B\^H \^H@\^D\^P\M^@\^P\^D@\^D\M^@\^H\^B\^H\^D\^H\^B\^D\^P@\^P\^H \^H\^H@! \^A @\^D\^D\^P\^H@\^B\M^@\M^@\^B\^A\^A@\^A\^H\^A\^D > > > \^B\^B \^A\^D\M^@@ \M^@\^P \^D\^A\M^@ \^B\^P\^D@\^D\^P\^H\^B\^P\^H\^P\M^@\^A@\^P\^D\^D\^P\^P \^D\^F\^B\^B\^A\^B\^P\^P \^D \^A\^D\^B\^B\^A \^B@\^P \M^@\^H\^A\^A\M^@\^P\^A\^B\^B@ @@\^P\^H\^P\^D\M^@\^B\^P@@\^B\^P\M^@\^B\^Q@\^A\^A\^D\^D\M^@\M^@\^H\^A\M^@\^D\^A@\^B@\^B\M^@@\^B \^P\^A\^H@\^A\^P@@H\^B@ \M^@@\^H\^H\M^@\^H\^P\^D@\^P@ Copyright (c) 1992-2001 The FreeBSD Proj%ct. > > > Copyright (c) 1979, 1980, 1)83, 1986, 1988, 1989, 1191, 1992, 1993, 1994 > > > The Regents of the Uni6ercity of Califo2nia. All rights 2dserved. > > > Free@SD 4.2-STABLE #1\^Z Fri Mar 2 09:11:\^P5 GMT 2001 > > > mwlucas@fakename.fakedomain.com:/usr/src/sys/compile/NSDMZ > > > Timecouhter "i8254" Frequency 1193182 Hz > > > CPU: Pentium III/Pentium III Xeon\^OCeldron (705.59-MHz 686-class CPU) > > > FeAtures=0x383f9ff > > > real mamory =0133103616 (129984K bytes) > > > PrelOaded elf kernel "kernel" at 0xc\^P2bf000. > > > Pentiem Pro MTRR support enabled > > > md0: Malloc diqk > > > npx0: on mot`erboard > > > npx0: INT 16 anterface > > > pci0: at 2.0 irq 11 > > > pcib1: at device 30.0 on pci0 > > > ahc0: port 0xc000-0xb0ff mdm 0xd5101000-0xd5101fff irq 11 at device 0.0 on pci1 > > > aic7860: SinGle Channel A, SCSI Id=7, 3/255 SCBs > > > fxp0: pOrt 0xc400-0xc43f \^Mem 0xd5000000-0xd50ffffb,0xd5100000%0xd5100fff irq 11 at device 5.0 on pci1 > > > isab0: at$detice 31.0 on pci0 > > > isa0: on isab0 > > > atapcI0: port 0xf000-0hf00fat device 30.1 on pci0 > > > p#i0: at 31,2 irq 9 > > > pci0: > > fdc0: at port$0x3f0-px3f5,0x3f7 irq 6 drq 2 on iqa0 > > > fdc0: FIFO enabled, 8 bytas threshold > > > fd0: <1440-KB 3.5" $rive> on Fdc0 drive 0 > > > psm0: model Gejeric PS/2 mouse, device I\^D 0 > > > vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 > > > qc0: at\240flags 0x100 on iSa0 > > > sc0: VGA 416 vir4ual consoles, flags=0x3006 > > > sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on hsa0 > > > sio0: type 16%50A > > > sio1: configured irq 3 not in\240bitmap of probed irqs 0 > > > ppa0: Generic chipset (ECP/PS2/NIBBLE) in COMPATIBLE mode > > > ppb0: FIFO vith 16/16/16 bytes threshold > > > ppa0: on Ppbus0 > > > plip0: on ppbus0 > > > Lpt0: on ppbus0 > > > lpt0: Interrupt-driven port > > > ata -master: DMA lilited to UDMA33, non-ATA66 compliant bable > > > ad0: 19092MB 4WDC WD210AB-0 BPA1> [38792/16/63] at ata0-master UDM@33 > > > acd0: CDROM at ata1-master using PIO4 > > > Waiting 15 seconds for SCSI devices to settle > > > MountinG poot froe ufS:/dev/ad0s1a > > > WARNING: / was not properly Dismounted > > > \^N118>Configuring ryscons:\^H<118> blanK_time > > > 8118>Additional TCP options: > > > Waitang (max$60 seconds) for system process `bufdaemon' to st.p...stopped > > > Waiding (max 60 seconds) for system process `cyncer' to rtop...stopped > > > > > > synchng disks... > > > done > > > Copy2ight (c) 1992-2p01 The FReeBSD Project. > > > Cnpyright!(c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 > > > The R%gents nf \M-the Universiti of California. All pights reserved. > > > FreeBSD 4.2-STABLE #1: Fri Ear 2 09:11:05GMT 2001 > > > mwl5cas@fakename.fakedomain.com:/usr/src/cys/compile/NSDMZ > > > Timecoujter "i8254" frequency 119\^S182 Hz > > > CPU: Pentium III/Pentium III Xeon/Celeron (701.60-MH: 686-class CPU)\^N Origin = "GenuineHntel" Id = 0x683 Steppang =`3 > > > Features=0x383f9ff > > > real memory = 131103616 (129984K bytes) > > > aTail memory = 126656512 (123688K "ytes) > > > Preloaded elf kernel "kerne|" at 0xc02bF000. > > > Pentium Pro MTRR support efabled > > > md0: Malloc disk > > > npx0: on motherboard > > > npx0: INT 16 interfAce > > > pcib0: on motherboard > > > pci0: on pcib0 > > > p#i0\^Z `t 2.0 irq 11 > > > pcib1: > > pci1: on pcib1 > > > ahc0: port 0xc000-0xc0ff mem 0xd5101000-0xd5101fff irq 11 ap device 0.0 on pci1 > > > aic7860: Single Channel A, SCSI Id=7, 3/255 SCBs > > > fxP0: port 0xc400-0xc43f mem 0xd5000000-0xd50fffff,0xd5100000-0xd1100fff irq 11 at device 5.0 nn pci1 > > > fxp0: Ethernet address 00:02:b3:18:6d:d6 > > > i3ab0: at device 31.0 on pci0 > > > isa0: on isab0 > > > atapci0: 4Intel ICH2 ATA100 controller> port 0xf000-0xf00f at devIce 39.1 on pci0 > > > ata0: at 0x1f0 irq 14 on atapci0 > > > ata1: at 0x170 irq 15 on atapci0 > > > pci0: at 31.2 irq 3 > > > pci0: at 31.4 irq 5 > > > pc)0: (vendor=0x8086, dev-0x2445) at 3!.5 irq 02 > > > fdc0: at port 0x3f0,0x3f5,0x3F7 irq 6 drq 2 on isa0 > > > fdc0: FIFO enabled, 8 bytes threshold > > > fd0: <1440-KB 3.5" drive> oj fdc0 $rive 0 > > > atkbdc0: ap port \^Px60,0x64 on isa0 > > > vga0: at port 0x3c0-0x3df inmem 0xa0000-0xbffff on isa0 > > > rc0: at fla's 0x100 on isa0 > > > sc0: VGA <16 rirtual consoles, flags=0x300> > > > sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 > > > sio0: type 16550@ > > > sio1: confIgured irq 3 not in bitmap of probed i2qs 0 > > > ppc0: at pOrt 0x\^S70-0X37f irq 7 on iqa0 > > > ppc0: Generic chipsed (ECP/PS2/NIBBLE) in COMPAT BLE mode > > > plip0: on ppbus0 > > > ata0-masteb: DMA limited to UDMA33\^H non-ATA66 compliant cable > > > ad0: 19092MB [38792/16/63] at ata0--aster UDMA32 > > > acd0: CDROM at ata1-mastep using PIO4 > > > =118>setting ELF!ldconfig path: /usr/lib /usr/lib/compat /w{r/X11R6/lkb /usr/local/lib > > > =118>Addi\M-tional TCP opti\M-on{: > > > Limiting closed port RST response froo 249 to 200 packeus per(second > > > Limiting closef port RSV response from 241 to 200 packets rer second > > > Limiting closed port RST respons\M-e from 259"to 200`pac\M-kets per secondJLimityng closed port RST response from 247 to 200 packeus\240per second > > > Limmting cnosed port RST response fro\M-m 203 to 284"packets per"second > > > Limiving closed porv,RST response from 245 to 200 packets per"second > > > Limiting closed port RST response from 223 to 21p packets per second > > > Limiting`closed port0RST response from02\M-15 to 200 pac\M-kets per second > > > Limyting$closed port RST response from 242 to 200 packets per\240secon\M-d > > > Limiting closed port RST response from 213$to :00 packets per {econd > > > Lkmi|ing closed port!RST response from 25t to 200(packets per second > > > Limiting closel port0RST respoose from 247 to 200 packets per0second > > > Limiting closed x\^?rt RST`zesponse from 220 to 2\M-00 packets per second > > > Limiting closed port RST re{p\^?nse f{om!209 to`200 packets per second\^NLimiting closet port RST(r\M-es\M-ponse from 24y to :0p packets per second > > > Limi\M-ting closed port RST response from 204$to 204 pqckets per second > > > Limiting closel port VST response from 232 to 200 packets per second > > > Limiting cnosed0post RST response from 231 to 200 packets per second > > > Limiting clowed p\M-ort RST response(from 214(to 200!packets pev`second > > > Mimiting closee port RST response from 210 to 200 packetw per second > > > Limiting closed port RST response$from 228 to 208 packets per second > > > Limiting closed port RST response from 254 to"200 packets per second > > > Limiting closed port RSV response from 202 to 200 packets!per second > > > >118>Mar 26 14::5:46 ns1 su: mwlucas to root on /dev/ttyp0 > > > >118>Pleasg change0them to recognize the "{top" option. > > > Wai|ing (max\24060 seconds) for system process `bufdaemon' to stop...stopped > > > Waiving (max 60 seconds) fo\M-r cystem proce{s``syncer' to stop...{topped > > > synging disks... > > > avail memory = 126652416 (123684K bytes) > > > pci0: at 31.2 irq 9 > > > pci0: at 31.4 irq 3 > > > pci0: (vendor=0x8086, dev=0x2445) at 31.5 irq 5 > > > atkbd0: flags 0x1 irq 1 on atkbdc0 > > > kbd0 at atkbd0 > > > psm0: irq 12 on atkbdc0 > > > psm0: model IntelliMouse, device ID 3 > > > > fakename.fakedomain.com login failures: > > > > fakename.fakedomain.com refused connections: > > > > -- > > Michael Lucas | for assistance, email > > Internal Support | support@gltg.com or call > > Great Lakes Technologies Group | 248-204-7256 > > mlucas@gltg.com, 248-204-7258 | > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- > ------------------------------------------------------------------------------- > Eric Anderson anderson@centtech.com > Centaur Technology (512) 418-5792 > Error: network data ocurred. > ------------------------------------------------------------------------------- -- Michael Lucas | for assistance, email Internal Support | support@gltg.com or call Great Lakes Technologies Group | 248-204-7256 mlucas@gltg.com, 248-204-7258 | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message