[Cooker] MDK 9.0 fresh install on SMP machine, bugs? found...

Thomas Backlund Wed, 09 Oct 2002 05:08:22 -0700


Alkuperäinen viesti (liitetty) sisälsi vaarallista koodia.
AntiVirus-Tutka on puhdistanut viestiä. 
-----------------------
Tämä viesti tulee INRITEL OY:n postipalvelimelta varoitukseksi että 
viesti: <[Cooker] MDK 9.0 fresh install on SMP machine,  bugs?  found...>, sisältää 
viruksen.
Viestin lähettäjä: [EMAIL PROTECTED]
Viestin vastaanottaja(t): [EMAIL PROTECTED]


Tiedoksi lähettäjälle:
----------------------
Virustarkistettu viesti sisältää teidän sähköpostiosoite viestin lähettäjänä.
Joko teidän tietokoneessa on saastunut, tai sitten jonkun tietokone jossa 
osoitteistosta löytyy teidän sähköpostiosoite on saastunut.

(Tiedoksi jotkut virukset osaavat itse lähettää viestejä tietokoneeltasi.
 Ehdotamme että tarkistatte koneenne ajan tasalla olevalla virustorjunnalla.)

Tiedoksi vastaanottajalle:
--------------------------
Ole hyvää ja ota yhteys viestin lähettäjälle: Todennäköisesti hän ei tiedä että
hänellä on tietokonevirusta.

Tehdyt toimenpiteet saastuneille tiedostoille:
----------------------------------------------


AntiVirus-Tutka tallensi saastunut tiedosto karanteeniin nimellä: 1034166466-RAV29964. 
Liitetiedosto (part0002:report.bug.gz)->report.bug liitetty viestiin: [Cooker] MDK 9.0 
fresh install on SMP machine,  bugs?  found..., lähettäjänä: 
[EMAIL PROTECTED],
vastaanottaja(t): [EMAIL PROTECTED] sisältää viruksen: 
UNAUTHORIZED_MAIL_CONTENT. 
AntiVirus-Tutka kopioi tiedoston karanteeniin nimellä: 1cf58027.qto. 

--------------------------------------------------
 Tämä on kopio viestin lähetystiedoista (header). 

Received: from atkope (unknown [172.16.24.60])
        by mail.inritel.com (Postfix) with SMTP id 2D8C118F3
        for <[EMAIL PROTECTED]>; Wed,  9 Oct 2002 08:27:46 -0400 (EDT)

--- Begin Message ---

Hi,
here is my system:

dual PII 350, Intel BX chipset 512MB ECC SDRAM
dual 18GB IBM SCSI HDD:s running linux soft-raid 1
(even swap is on raid 1), all partitions uses ReiserFS

This machine runs:
kernel-2.4.19.19mdk-1-1mdk

Web:
apache 1.3.26-6mdk

Mail:
postfix-1.1.11-4mdk
courier-imap-1.5.3-1mdk

Rav antivirus mailscanner:
ravmd 8.4.0-7
ravcore 8.9.0-6
ravpostfix 8.4.0-4

and here is my problem:

Output from 'top'
---
  2:32pm  up 2 days, 15:20,  1 user,  load average: 0,00, 0,00, 0,00
75 processes: 74 sleeping, 1 running, 0 zombie, 0 stopped
CPU states:  0,4% user,  0,6% system,  0,8% nice,  9,6% idle
CPU0 states:  0,0% user,  0,0% system,  0,0% nice,  0,106% idle
CPU1 states:  0,1% user,  0,5% system,  0,0% nice,  0,100% idle
Mem:   515952K av,  508016K used,    7936K free,       0K shrd,   99108K
buff
Swap:  256888K av,  256700K used,     188K free                   49000K
cached
---

So, what is eating my processor power, and my memory?

And before anyone asks, It is a FRESH install.
Before this Install, the same system was running
MDK 8.2 with all official updates, and with theese installed:

Mail: (same as now)
postfix-1.1.11-4mdk
courier-imap-1.5.3-1mdk

Rav antivirus mailscanner: (same as now)
ravmd 8.4.0-7
ravcore 8.9.0-6
ravpostfix 8.4.0-4

With this system I had no problem what so ever...,
and swapfile was newer used, and both processors were about 98% idle...

So, the only changes in the system are:
- the obvious differences between MDK 8.2 and 9.0
  (newer apache, glibc, kernel, ...)
- ReiserFS instead of ext3.

Any ideas?

Thomas

report.bug.gz
Description: Binary data

  F S   UID   PID  PPID  C PRI  NI ADDR    SZ WCHAN  TTY        TIME CMD
100 S     0     1     0  0  69   0    -   322 do_sel ?         11:09 init
040 S     0     2     1  0  69   0    -     0 contex ?          0:02 [keventd]
040 S     0     3     1  0  79  19    -     0 ksofti ?          0:00 [ksoftirqd_
040 S     0     4     1  0  79  19    -     0 ksofti ?          0:00 [ksoftirqd_
040 S     0     5     1  0  69   0    -     0 kswapd ?          1:06 [kswapd]
040 S     0     6     1  0  69   0    -     0 bdflus ?          0:03 [bdflush]
040 S     0     7     1  0  69   0    -     0 kupdat ?          0:39 [kupdated]
040 S     0     8     1  0  59 -20    -     0 md_thr ?          0:00 [mdrecovery
040 S     0    12     1  0  69   0    -     0 down_i ?          0:00 [scsi_eh_0]
040 S     0    16     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    17     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    18     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    19     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    20     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    21     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    22     1  0  59 -20    -     0 md_thr ?          0:00 [raid1d]
040 S     0    23     1  0  69   0    -     0 end    ?          0:00 [kreiserfsd
140 S     0   195     1  0  68   0    -   419 devfsd ?          0:16 devfsd /dev
040 S     0   279     1  0  69   0    -     0 end    ?          0:00 [khubd]
140 S     0   843     1  0  69   0    -   340 do_sel ?          0:29 syslogd -m 
140 S     0   851     1  0  69   0    -   510 do_sys ?          0:00 klogd -2
040 S     2   902     1  0  69   0    -   328 nanosl ?          0:00 /usr/sbin/a
140 S     0   935     1  0  69   0    -   428 do_sel ?          0:09 ntpd -A
040 S     0  1031     1  1  64   0    -   371 nanosl ?         39:43 crond
100 S     0  1071     1  0  69   0    -   311 read_c vc/2       0:00 /sbin/minge
100 S     0  1072     1  0  69   0    -   311 read_c vc/3       0:00 /sbin/minge
100 S     0  1073     1  0  69   0    -   311 read_c vc/4       0:00 /sbin/minge
100 S     0  1074     1  0  69   0    -   311 read_c vc/5       0:00 /sbin/minge
100 S     0  1075     1  0  69   0    -   311 read_c vc/6       0:00 /sbin/minge
140 S     0  1220     1  0  69   0    -   666 do_sel ?          5:32 /usr/sbin/s
100 S     0  1281     1  0  69   0    -   311 read_c vc/1       0:00 /sbin/minge
040 S     0  2185     1  0  69   0    -   392 do_sel ?          0:00 /usr/lib/co
040 S     0  2186  2185  0  69   0    -   444 do_sel ?          0:16 /usr/lib/co
040 S     0  2187  2185  0  69   0    -   444 do_sel ?          0:16 /usr/lib/co
040 S     0  2189  2185  0  69   0    -   444 do_sel ?          0:15 /usr/lib/co
040 S     0  2190  2185  0  69   0    -   444 do_sel ?          0:15 /usr/lib/co
040 S     0  2191  2185  0  69   0    -   444 do_sel ?          0:16 /usr/lib/co
140 S     0  2195     1  0  69   0    -   342 do_sel ?          8:17 /usr/lib/co
000 S     0  2198     1  0  69   0    -   315 pipe_w ?          0:02 /usr/lib/co
140 S     0  2210     1  0  69   0    -   342 do_sel ?          0:00 /usr/lib/co
000 S     0  2213     1  0  69   0    -   312 pipe_w ?          0:00 /usr/lib/co
040 S     0  2530     1  0  69   0    -  1856 do_sel ?          0:04 httpd-perl 
140 S    72  2534  2530  0  69   0    -  1883 wait_f ?          0:00 httpd-perl 
140 S    72  2535  2530  0  69   0    -  1883 wait_f ?          0:00 httpd-perl 
140 S    72  2537  2530  0  69   0    -  1883 wait_f ?          0:00 httpd-perl 
140 S    72  2539  2530  0  69   0    -  1883 wait_f ?          0:00 httpd-perl 
140 S     0  2545     1  0  69   0    -  3048 do_sel ?          0:05 httpd -DPER
000 S     0  2552  2545  0  69   0    -   855 pipe_w ?          0:00 /usr/bin/pe
140 S    72  2553  2545  0  69   0    -  3283 semop  ?          0:01 httpd -DPER
140 S    72  2554  2545  0  69   0    -  3281 semop  ?          0:01 httpd -DPER
140 S    72  2555  2545  0  69   0    -  3454 semop  ?          0:04 httpd -DPER
140 S    72  2556  2545  0  69   0    -  3350 semop  ?          0:02 httpd -DPER
140 S    72  2558  2545  0  69   0    -  3281 semop  ?          0:02 httpd -DPER
140 S    72  2559  2545  0  69   0    - 64767 semop  ?          0:34 httpd -DPER
140 S    72  2560  2545  0  69   0    - 79115 rt_sig ?          0:30 httpd -DPER
140 S    72  3636  2545  0  69   0    -  3309 semop  ?          0:01 httpd -DPER
140 S 65534 14603     1  0  69   0    -  1045 do_sel ?          0:01 proftpd (ac
140 S    72 20800  2545  0  69   0    -  3086 do_sel ?          0:00 httpd -DPER
140 S    72 20801  2545  0  69   0    -  3086 semop  ?          0:00 httpd -DPER
140 S    72 20802  2545  0  69   0    -  3086 semop  ?          0:00 httpd -DPER
100 S     0 10846     1  0  70   0    -   947 do_sel ?          0:44 /usr/lib/po
100 S    75 10851 10846  0  69   0    -   996 do_sel ?          0:23 nqmgr -l -n
140 S     0 10875     1  0  69   0    -   416 wait4  ?          0:00 ravmd: supe
140 S     0 10876 10875  0  69   0    -  1831 wait_f ?          0:11 ravmd: read
140 S     0 10907     1  0  69   0    -   334 wait4  ?          0:00 ravpostfix:
140 S     0 10908 10907  0  68   0    -   334 wait_f ?          0:02 ravpostfix:
140 S     0 16068 10876  0  69   0    -  1200 do_sel ?          0:00 ravmd: logg
140 S     0 26519  1220  0  69   0    -  1519 unix_s ?          0:00 /usr/sbin/s
140 S   501 26521 26519  0  69   0    -  1550 do_sel ?          0:03 /usr/sbin/s
000 S   501 26522 26521  0  69   0    -   678 wait4  pts/0      0:00 -bash
100 S     0 26557 26522  0  69   0    -   566 wait4  pts/0      0:00 su -
100 S     0 26558 26557  0  69   0    -   679 wait4  pts/0      0:04 -bash
100 S    75 27575 10846  0  69   0    -   980 do_sel ?          0:00 pickup -l -
100 S     0 28376 26558  0  69   0    -   865 do_sel pts/0      0:08 /usr/bin/mc
100 S     0 28378 28376  0  70   0    -   687 wait4  pts/2      0:07 bash -rcfil
100 S   507 28935  2195  0  69   0    -   536 do_sel ?          0:00 /usr/bin/im
100 S    75 28944 10846  0  69   0    -   976 do_sel ?          0:00 flush -t un
100 S    75 28965 10846  0  69   0    -  1982 do_sel ?          0:00 smtpd -n sm
100 S    75 28966 10846  0  69   0    -   987 do_sel ?          0:00 cleanup -t 
100 S    75 28967 10846  0  69   0    -   975 do_sel ?          0:00 trivial-rew
100 S    75 28971 10846  0  69   0    -  1003 do_sel ?          0:00 smtp -t uni
100 S    75 28974 10846  0  70   0    -  1982 do_sel ?          0:00 smtpd -n 12
100 R     0 28979 28378  0  76   0    -   771 -      pts/2      0:00 ps g -Al --

Linux 2.4.19-16mdksmp ([EMAIL PROTECTED]) (gcc 3.2 ) #1 2CPU [mail]

Memory:      Total        Used        Free      Shared     Buffers      Cached
Mem:        515952      506048        9904           0       85132       60392
-/+ buffers/cache:      360524      155428
Swap:       256888      256888           0

Bootup: Sun Oct  6 23:11:12 2002    Load average: 0.01 0.03 0.00 1/77 28874

user  :       0:18:56.05   0.2%  page in :  4152334  disk 1:      478r       0w
nice  :       0:32:36.37   0.4%  page out:  6070733  disk 2:  3775844r12141400w
system:       0:26:14.63   0.3%  swap in :    13007  disk 3:  4527216r12141400w
idle  :       6:38:53.34  99.0%  swap out:    71380
uptime:   2d 15:37:28.55         context :  8117232

irq  0:  22904856 timer                 irq  8:         1 rtc                  
irq  1:       503 keyboard              irq 14:       151 ide0                 
irq  2:         0 cascade [4]           irq 18:   1114185 eth0                 
irq  6:         3                       irq 19:    882977 aic7xxx, usb-uhci    

Kernel Command Line:
  BOOT_IMAGE=linux-smp ro root=902 devfs=mount

Modules:
  3  nls_iso8859-15  25  isofs           18  inflate_fs       9  vfat           
 32  fat             15  sr_mod          49  floppy          14  af_packet      
 16 *natsemi         22  usb-uhci        60 *usbcore          7  rtc            
168 *reiserfs        14 *raid1           11 *sd_mod         119 *aic7xxx        
 92 *scsi_mod       

Character Devices:                      Block Devices:
  1 mem              10 misc              1 ramdisk          66 sd              
  2 pty/m%d          29 fb                2 fd              
  3 pty/s%d         128 ptm               3 ide0            
  4 tts/%d          136 pts/%d            8 sd              
  5 cua/%d          162 raw               9 md              
  7 vcs             180 usb              65 sd              

File Systems:
[rootfs]            [bdev]              [proc]              [sockfs]            
[tmpfs]             [shm]               [pipefs]            ext2                
[ramfs]             [devfs]             [devpts]            reiserfs            
[usbdevfs]          [usbfs]             vfat                iso9660



  2:32pm  up 2 days, 15:20,  1 user,  load average: 0,00, 0,00, 0,00
75 processes: 74 sleeping, 1 running, 0 zombie, 0 stopped
CPU states:  0,4% user,  0,6% system,  0,8% nice,  9,6% idle
CPU0 states:  0,0% user,  0,0% system,  0,0% nice,  0,106% idle
CPU1 states:  0,1% user,  0,5% system,  0,0% nice,  0,100% idle
Mem:   515952K av,  508016K used,    7936K free,       0K shrd,   99108K buff
Swap:  256888K av,  256700K used,     188K free                   49000K cached

  PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %MEM   TIME COMMAND
28373 root      18   0  1028 1028   800 R     5,6  0,1   0:00 top
    1 root       0   0   132   84    68 S     0,0  0,0  11:08 init
    2 root       9   0     0    0     0 SW    0,0  0,0   0:02 keventd
    3 root      19  19     0    0     0 SWN   0,0  0,0   0:00 ksoftirqd_CPU0
    4 root      19  19     0    0     0 SWN   0,0  0,0   0:00 ksoftirqd_CPU1
    5 root       9   0     0    0     0 SW    0,0  0,0   1:06 kswapd
    6 root       9   0     0    0     0 SW    0,0  0,0   0:03 bdflush
    7 root      10   0     0    0     0 SW    0,0  0,0   0:38 kupdated
    8 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 mdrecoveryd
   12 root       9   0     0    0     0 SW    0,0  0,0   0:00 scsi_eh_0
   16 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   17 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   18 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   19 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   20 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   21 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   22 root      -1 -20     0    0     0 SW<   0,0  0,0   0:00 raid1d
   23 root       9   0     0    0     0 SW    0,0  0,0   0:00 kreiserfsd
  195 root       8   0   252  148    88 S     0,0  0,0   0:16 devfsd
  279 root       9   0     0    0     0 SW    0,0  0,0   0:00 khubd
  843 root       9   0   268  228   156 S     0,0  0,0   0:28 syslogd
  851 root       9   0   780    4     0 S     0,0  0,0   0:00 klogd
  902 daemon     9   0   148  108    80 S     0,0  0,0   0:00 atd
  935 root       9   0  1704 1704  1532 S     0,0  0,3   0:09 ntpd
 1031 root       0   0   176  120    88 S     0,0  0,0  39:42 crond
 1071 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 1072 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 1073 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 1074 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 1075 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 1220 root       9   0   412  284   212 S     0,0  0,0   5:31 sshd
 1281 root       9   0    52    4     0 S     0,0  0,0   0:00 mingetty
 2185 root       9   0    84    4     0 S     0,0  0,0   0:00 authdaemond.pla
 2186 root       9   0   324  268   212 S     0,0  0,0   0:15 authdaemond.pla
 2187 root       9   0   324  268   212 S     0,0  0,0   0:15 authdaemond.pla
 2189 root       9   0   324  268   212 S     0,0  0,0   0:15 authdaemond.pla
 2190 root       9   0   324  268   212 S     0,0  0,0   0:14 authdaemond.pla
 2191 root       9   0   324  268   212 S     0,0  0,0   0:15 authdaemond.pla
 2195 root       9   0   120   76    52 S     0,0  0,0   8:05 couriertcpd
 2198 root       9   0   224  208   164 S     0,0  0,0   0:02 courierlogger
 2210 root       9   0    68    4     0 S     0,0  0,0   0:00 couriertcpd
 2213 root       9   0    52    4     0 S     0,0  0,0   0:00 courierlogger
 2530 root       9   0  1532   76    52 S     0,0  0,0   0:04 httpd-perl
 2534 apache     9   0  1500    4     4 S     0,0  0,0   0:00 httpd-perl
 2535 apache     9   0  1500    4     4 S     0,0  0,0   0:00 httpd-perl
 2537 apache     9   0  1500    4     4 S     0,0  0,0   0:00 httpd-perl
 2539 apache     9   0  1500    4     4 S     0,0  0,0   0:00 httpd-perl
 2545 root       9   0  1292   84    64 S     0,0  0,0   0:05 httpd
 2552 root       9   0   244    4     0 S     0,0  0,0   0:00 advxsplitlogfil
 2553 apache     9   0  2892 1244  1016 S     0,0  0,2   0:01 httpd
 2554 apache     9   0  2884 1240  1016 S     0,0  0,2   0:01 httpd
 2555 apache     9   0  3584 1288  1024 S     0,0  0,2   0:04 httpd
 2556 apache     9   0  3156 1244  1012 S     0,0  0,2   0:02 httpd
 2558 apache     9   0  2880 1236  1012 S     0,0  0,2   0:02 httpd
 2559 apache     9   0  243M 139M  1052 S     0,0 27,6   0:34 httpd
 2560 apache     9   0  297M 169M     4 S     0,0 33,7   0:30 httpd
 3636 apache     9   0  2992 1220  1012 S     0,0  0,2   0:01 httpd
14603 nobody     9   0   432  140    96 S     0,0  0,0   0:00 proftpd
20800 apache     9   0  2120 1224  1040 S     0,0  0,2   0:00 httpd
20801 apache     9   0  2128 1228  1044 S     0,0  0,2   0:00 httpd
20802 apache     9   0  2124 1224  1040 S     0,0  0,2   0:00 httpd
10846 root       6   0   396  192   140 S     0,0  0,0   0:43 master
10851 postfix    9   0   664  464   364 S     0,0  0,0   0:22 nqmgr
10875 root       9   0   116    4     0 S     0,0  0,0   0:00 ravmd
10876 root       9   0  5532   72    52 S     0,0  0,0   0:10 ravmd
10907 root       9   0    76    4     0 S     0,0  0,0   0:00 ravpostfix
10908 root       8   0   108   48    32 S     0,0  0,0   0:02 ravpostfix
16068 root       9   0  3036   84    56 S     0,0  0,0   0:00 ravmd
26519 root       9   0  1616 1564  1392 S     0,0  0,3   0:00 sshd
26521 thomas    10   0  1728 1612  1396 S     0,0  0,3   0:00 sshd
26522 thomas     9   0  1608 1608  1172 S     0,0  0,3   0:00 bash
26557 root       9   0   988  988   800 S     0,0  0,1   0:00 su
26558 root      10   0  1616 1616  1176 S     0,0  0,3   0:04 bash
27575 postfix    9   0  1304 1304  1028 S     0,0  0,2   0:00 pickup
28077 thomas     9   0  1224 1224   528 S     0,0  0,2   0:01 imapd



*** Tämä viesti on VirusTarkistettu INRITEL OY:n postipalvelimella!! ***

--- End Message ---

[Cooker] MDK 9.0 fresh install on SMP machine, bugs? found...

Reply via email to