On Sun, Apr 29, 2012 at 1:15 PM, jb <jb.1234a...@gmail.com> wrote: > Alejandro Imass <ait <at> p2ee.org> writes: > >> ... >> And there was a log of a couple of ftp connections the same day this >> happened, the ONLY 3 messages before the reboot at about 6 pm and they >> were NOT from any of our customers. Here are the log entries: >> >> Apr 27 05:54:37 nune ftp.proxy[2726]: connected to client: >> host-46-50-183-5.bbcustomer.zsttk.net, interface= 207.158.52.74:21 >> Apr 27 05:54:37 nune ftp.proxy[2726]: info: monitor mode: off, ccp: <unset> >> Apr 27 05:54:38 nune ftp.proxy[2726]: -ERR: missing hostname >> Apr 27 18:55:42 nune syslogd: kernel boot file is /boot/kernel/kernel >> ... > > What you should do right now is to get some recent general or security cd/dvd > with chkrootkit and rkhunter and run them from that external read-only media. > I would also suggest that you look over config files of all packages involved. > jb >
Thanks! Will do, but I don't know of any FreeBSD and/or derived distros for security. Or can I use any Linux security distro? I remember reading about some trouble of Linux chkrootkit on FBSD.... Thanks, -- Alejandro > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
