On Win7. To get an elevated shell, I typically do "$ ssh xxx@yyy". And
not very often.
Below is an excerpt of something potentially horrible that just happened.
Note the
rm *
I exited the shell. I did the "ssh..." again (yeah I'm crazy), in a
different bash window. And this time avast reported that it stashed
sshd.exe into the virus chest.
I'm not sure who/what the culprit is, or what's going on. But it does
look like there was (is?) some kind of infection somewhere on my system.
I had used ftp earlier to put a file to a remote, but...?
I didn't realize that netstat was a windows command (not that I wouldn't
have used it).
I've got the sshd.exe file. It has a date of Feb 18. So
* Can I check if the bits in sshd.exe are as expected?
* Any suggestions on cleaning up and/or restoring sanity? (I'm running
a full virus scan right now, should be amusing...)
* How can I get sshd.exe back? Is there a cygwin command to check that
the packages are all as they should be?
-ernie
=============== EXCERPT ==========================
$ ssh xxx@yyy
Last login: Mon May 18 21:37:37 2020 from 192.168.0.11
____________________, ______________________________________
.QQQQQQQQQQQQQQQQQQQQQQQQL_ | |
.gQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ__
| |
........
ADMIN ~
$ netstat -b -a | less
######################### worked but had to ^Z/kill to get out
ADMIN ~
$
ADMIN ~
$
ADMIN ~
$ rm *
rm: cannot remove 'play': Is a directory
rm: cannot remove 'system': Is a directory
ADMIN erra@spirit ~
$
ADMIN ~/play
$ netstat -b -a | less
######################### let netstat complete normally, got out of
less ok
ADMIN ~/play
$ client_loop: send disconnect: Connection reset by peer
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple