Date: Wed, 03 Oct 2001 07:42:00 -0500 From: Eric Anderson <anderson@centtech.com> To: ANdrei <andrei@abc.ro> Cc: rik@rikrose.net, freebsd-security@freebsd.org Subject: Re: last Message-ID: <3BBB0797.C18CBA8B@centtech.com> References: <Pine.LNX.4.21.0110031129110.3489-100000@pkl.net> <3BBAF0B7.2CC21C7B@abc.ro>
next in thread | previous in thread | raw e-mail | index | archive | help
I have had my FreeBSD boxes crash like this a few times. Typically, it's been a CPU overheating for me. It really IS a crash. The ~ is what last puts in there when the system is rebooted without a user abruptly. All hackers leave a trace. Eric ANdrei wrote: > rik@rikrose.net wrote: > > > > On Wed, 3 Oct 2001, ANdrei wrote: > > > it wasn't for sure me :), but i just had my firewall down for a few > > > mins, and then it happened... was this just a coincidence? > > > > It could have been a power cut, or even a brown out, or someone else while > > you were working on the firewall :) > > nope, in that case you don't get that log entry from last (i'm almost > sure about that) and your file-systems get checked at startup for sure, > and mine didn't... it was a clkean shutdown... plus there was no power > cut, because we have about 40 computers in the company, and none > rebooted except mine... > > I'm so suspicious because I had a few times people trying to hack me, > and 2 times they were real profis, and i believe they got through this > time and left almost no evidence of their passing... > > > > > > and smtg else: what ports and protocol are used when accesing a samba > > > share? i'm talking about a broadcast network, where people should be > > > able to access public shares from other computers, which have > > > firewalls... > > > > 137-140 roughly, depending on what version of Windows you're using. I > > noticed 2000 has lots more useless ports open than any of the others, > > by default, sometimes including qotd, although I've not found the setting > > to control it. Some machines it's on, some it's not. I don't know why, > > but then I understand so little of MicroSofts products... > > I understand little about M$ too :) I found out i have an error in my > configuration of samba, or something like that, the ports i knew were > good: 135, 137, 138 and 139 > > maybe anybody has other ideas about the weird TILDA ~ in the > "last"-output, and what/who it was... > > > > > -- > > PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org > > Key fingerprint = 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F > > Public key also encoded with outguess on http://rikrose.net > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- > "I live in my own little world - but it's ok, they know me here!" > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BBB0797.C18CBA8B>