Date: Mon, 21 Aug 2000 18:22:13 +0600 (KGST) From: CrazZzy Slash <slash@krsu.edu.kg> To: "Vladimir I. Kulakov" <kulakov@kudesniki.ru> Cc: freebsd-security@FreeBSD.ORG Subject: Re: "snmp.sample" in /usr/local/etc/rc.d/ Message-ID: <Pine.BSF.4.21.0008211820530.41785-100000@krsu.edu.kg> In-Reply-To: <20000821081020Z277228-23170%2B34169@ajax2.sovam.com>
next in thread | previous in thread | raw e-mail | index | archive | help
no, i think may be something packet from ports install snmp for himself.. look through your logs.. On Mon, 21 Aug 2000, Vladimir I. Kulakov wrote: > > Hi! > > > > Can you send me your /tmp/install.log? > > There is no such file !!! :--( > Do you think it was deleted by a hacker? > > > > > Hi, all ! > > > > > > I've just moved my server from FreeBSD 2.2.5 to 4.0 due > > > to total hardware upgrade and many security holes. > > > > > > After upgrade I've mounted the hard disk from the previous > > > mashine and moved all user's data from /usr/home/ from it > > > to the new hard disk. The new mashine had new root > > > password, of course. > > > > > > But at the next day after upgrade I've suddenly noticed > > > two new scripts in /usr/local/etc/rc.d/ which intended to > > > start at every bootup process and which I've never installed. > > > > > > Moreover, at the /usr/local/sbin/ there two more > > > files appeared (snmpd and the second something like this). > > > I've never installed snmp on that mashine and mtree > > > tells me such files never existed there. > > > > > > In the log files there are nothing special. > > > > > > The new system was installed from a "clear" > > > distribution. > > > > > > Was this a troyan programs? How can I check > > > my server for such security holes? And how > > > such programs could be installed? > > > > > > May be my mistake was mounting my old disk with > > > securigy holes then working connected to the Internet ? > > > But how the hacker could execute programs even > > > from insecure disk on a secure mashine? > > > > > > Help me, please !!! > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008211820530.41785-100000>