From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 12 13:30:39 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EC92016A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 12 Feb 2004 13:30:39 -0800 (PST)
Received: from obsecurity.dyndns.org
	(adsl-64-169-106-71.dsl.lsan03.pacbell.net [64.169.106.71])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BCEFC43D1F
	for <freebsd-questions@freebsd.org>;
	Thu, 12 Feb 2004 13:30:39 -0800 (PST)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 5962666D0E; Thu, 12 Feb 2004 13:30:39 -0800 (PST)
Date: Thu, 12 Feb 2004 13:30:39 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: Wallace Aiken <Aiken@salem.kent.edu>
Message-ID: <20040212213038.GA52999@xor.obsecurity.org>
References: <200402121525.AA26542198@mail.salem.kent.edu>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="GvXjxJ+pjyke8COw"
Content-Disposition: inline
In-Reply-To: <200402121525.AA26542198@mail.salem.kent.edu>
User-Agent: Mutt/1.4.1i
cc: freebsd-questions@freebsd.org
Subject: Re: Spimware infection
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2004 21:30:40 -0000


--GvXjxJ+pjyke8COw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Thu, Feb 12, 2004 at 03:25:36PM -0500, Wallace Aiken wrote:

> Hi, I'm using two of your firewalls...they work great. But all of a
> sudden they're showing signs of "Spimmware" infection, a kind of
> spyware.

> I work for Kent State university and their network scan came up with
> the IPs and host names of my firewalls, as well as some other hosts
> on my subnet that were not behind the firewall...can you give me any
> advice?

Please wrap your lines at 70 characters so you emails may be easily
read.

You'll have to give us some more information, such as what evidence
you have that there is a problem with your FreeBSD machines, and
exactly what you think that problem is.

Kris

--GvXjxJ+pjyke8COw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAK/B+Wry0BWjoQKURAlyRAJ0bWmrd+MrpAvDCqoAsGUCkn7YX+gCfWn/C
JjJU+8Al21HyWw+L1tZ5AJU=
=9PxB
-----END PGP SIGNATURE-----

--GvXjxJ+pjyke8COw--