Date: Fri, 22 Jun 2012 23:38:50 +0800 (SGT)
From: RetspaN Code <silent24_2007@yahoo.com>
To: "FreeBSD-doc@FreeBSD.org" <FreeBSD-doc@FreeBSD.org>
Subject: I have a problem to my server running under FreeBSD 8.1 p-1 release
Message-ID: <1340379530.49640.YahooMailNeo@web190402.mail.sg3.yahoo.com>
Hello FreeBSD,

I have a problem with my server.

I'm running FreeBSD 8.1 p-1 release

When FreeBSD got a vulnerability called OpenSSL multiple vulnerabilities, my server got rebooted and shut down many times. When I checked the log in wtmp I found a user using root login through the terminal; it looks like this:
~^@^@^@^@^@^@^@reboot^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ÐíÉLttyv0^@^@^@root^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@

The intruder loaded their exploit because my server was vulnerable to the OpenSSL issue. I did patch it, but it was already too late because the intruder had already loaded their exploit. Users then started to reboot and shut down my server every time I brought it up. A user also deleted my /home/files.
And now I have this last problem: especially when running the application psybnc, it auto-crashes and the process is auto-killed.

[root@CyberTech /usr/src]# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch
fetch: http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch: Permission denied
[root@CyberTech /usr/src]#

I got this error.

Here's my current process:

[root@CyberTech /usr/src]# ps x
  PID  TT  STAT      TIME COMMAND
    0  ??  DLs  143:51.96 [kernel]
    1  ??  SLs    0:28.75 /sbin/init --
    2  ??  DL     2:49.23 [g_event]
    3  ??  DL    32:31.52 [g_up]
    4  ??  DL    27:26.45 [g_down]
    5  ??  DL     0:00.01 [sctp_iterator]
    6  ??  DL     0:00.00 [xpt_thrd]
    7  ??  DL    16:27.57 [pagedaemon]
    8  ??  DL     0:00.00 [vmdaemon]
    9  ??  DL     0:00.04 [pagezero]
   10  ??  DL     0:00.00 [audit]
   11  ??  RL   91515:47.03 [idle]
   12  ??  WL   918:54.59 [intr]
   13  ??  DL    11:18.45 [yarrow]
   14  ??  DL     0:49.58 [usb]
   15  ??  DL     0:45.70 [acpi_thermal]
   16  ??  DL     0:13.93 [bufdaemon]
   17  ??  DL    41:59.16 [syncer]
   18  ??  DL     0:25.69 [vnlru]
   19  ??  DL     0:15.91 [softdepflush]
   20  ??  DL     1:50.31 [flowcleaner]
  112  ??  Is     0:00.00 adjkerntz -i
 2046  ??  Is     0:00.04 /sbin/devd
 2233  ??  DL     0:01.48 [accounting]
 2256  ??  Ss    13:51.56 /usr/local/sbin/syslog-ng -p /var/run/syslog.pid
 2608  ??  Ss     2:54.56 /usr/bin/perl /usr/local/lib/webmin-1.580/miniserv.pl /usr/local/etc/webmin/miniserv.conf (perl5.10.1)
 2707  ??  Ss     0:08.02 /usr/sbin/cron -s
 2718  ??  Is     0:00.27 /usr/local/bin/portsentry -tcp
 2720  ??  Is     0:00.00 /usr/local/bin/portsentry -udp
44606  ??  Is     0:04.40 /usr/local/sbin/oidentd -C /usr/local/etc/oidentd.conf
79728  ??  Is     0:00.01 /usr/sbin/sshd -u0
85824  ??  Ss     0:00.70 sshd: root@pts/13 (sshd)
 4756  v0  Is+    0:00.01 /usr/libexec/getty Pc ttyv0
 4757  v1  Is+    0:00.01 /usr/libexec/getty Pc ttyv1
 4758  v2  Is+    0:00.01 /usr/libexec/getty Pc ttyv2
 4759  v3  Is+    0:00.01 /usr/libexec/getty Pc ttyv3
 4760  v4  Is+    0:00.01 /usr/libexec/getty Pc ttyv4
 4761  v5  Is+    0:00.01 /usr/libexec/getty Pc ttyv5
 4762  v6  Is+    0:00.01 /usr/libexec/getty Pc ttyv6
 4763  v7  Is+    0:00.01 /usr/libexec/getty Pc ttyv7
85841  13  Is     0:00.05 -csh (csh)
87998  13  S      0:00.04 bash
88267  13  R+     0:00.00 ps x
[root@CyberTech /usr/src]#

Can you help me fix and repair my server to avoid the crashes and the error "Error Creating Socket"?

Please help me, Sir. Thanks!


Regards,

FredFoxs