Re: Network slowdowns...
On Sun, Mar 24, 2002 at 10:39:17AM +, Jonathan Belson wrote:
Jonathan Belson wrote:
Hiya
I've recently been experiencing slowdowns on my server's outgoing
network port, which occur after half a day to a day after the last
reboot.
After trying a few things that were suggested to me, I realised
what the problem was. Without the DEFAULT_TO_ACCEPT option my
DHCP client couldn't re-lease the IP from my ISP's DHCP servers
and presumably ended up using an invalid IP..
I've added the following firewall rules:
# DHCP
${fwcmd} add pass tcp from any to ${oip} 67 setup
${fwcmd} add pass udp from any to ${oip} 67
${fwcmd} add pass udp from ${oip} 67 to any
${fwcmd} add pass tcp from any to ${oip} 68 setup
${fwcmd} add pass udp from any to ${oip} 68
${fwcmd} add pass udp from ${oip} 68 to any
and removed the line
${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif}
You can be a little more specific about it if you want. First, DHCP
never uses TCP even though those ports are reserved. Second, ports 67
and 68 are always the source and destination and vice-versa. Also, you
may know the range of IPs in which your DHCP server lives. I used to
use the following rules in my rc.firewall. The external rules really
mean this machine is a DHCP client, and the internal rules were for
the machine acting as a DHCP server for the internal NAT'ed
network (it is assumed that UDP from $iip to valid internal addresses
is freely passed elsewhere in the rules). To use these, for any
interface that is being configured via DHCP, you must also set,
dhcps_if0=192.0.2.0/24
dhcpc_if0=192.0.2.0/24
Where the first is the IP range for the server for interface if0, and
the second is the valid range of client IPs that may be addressed to
if0. If you don't have any idea what a value might be, use any.
Obviously, any valid IP address or network format can be used for
either.
# Let external DHCP work
for dhclient_interface in ${network_interfaces}; do
eval ifconfig_args=\$ifconfig_${dhclient_interface}
case ${ifconfig_args} in
[Dd][Hh][Cc][Pp])
eval dhcpc_range=\$dhcpc_$dhclient_interface
eval dhcps_range=\$dhcps_$dhclient_interface
$fwcmd add pass udp from ${dhcpc_range} 68 to ${dhcps_range} 67 out via
${dhclient_interface}
$fwcmd add pass udp from ${dhcps_range} 67 to ${dhcpc_range} 68 in via
${dhclient_interface}
$fwcmd add pass udp from 0.0.0.068 to 255.255.255.255 67 out via
${dhclient_interface}
$fwcmd add pass udp from ${dhcps_range} 67 to 255.255.255.255 68 in via
${dhclient_interface}
;;
esac
done
# Let internal DHCP work
if [ $dhcpd_interface ]; then
$fwcmd add pass udp from 0.0.0.0 68 to 255.255.255.255 67 in via ${dhcpd_interface}
$fwcmd add pass udp from ${iip} 67 to 255.255.255.255 68 out via ${dhcpd_interface}
fi
--
Crist J. Clark | [EMAIL PROTECTED]
| [EMAIL PROTECTED]
http://people.freebsd.org/~cjc/| [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
On Sun, Mar 24, 2002 at 03:25:30PM -0800, Ryan Davis wrote: On Sunday, March 24, 2002, at 10:45 AM, Randy Bush wrote: mtree -deU -f /usr/src/etc/mtree/BSD.root.dist -p /var/tmp/temproot/ mtree:No such file or directory Looks like /usr/sbin isn't in your PATH. something changed in bash 5 on this and only this host. it wanted 'export' before 'PATH=' in /etc/profile. thanks for the help Maybe a naive question, but: Shouldn't the build system (including mergemaster) be impervious to side-effects from things like PATH? I could easily envision situations where one might want to play games with one's PATH when using mergemaster(8). I think having mergemaster(8) toss aside the user's PATH and essentially hardcode its own makes the tool much less flexible, violates POLA, and generally violates the whole purpose of PATH and environmental variables. I think giving mergemaster(8) a PATH that includes all of the tools it needs to run is not a lot to ask. -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/| [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
I think giving mergemaster(8) a PATH that includes all of the tools it needs to run is not a lot to ask. it would more normal to this over-attenuated hacker to give commands explicit paths randy To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Troubles with new ATA !!!
Hi! sorry for my english :( I have system: FreeBSD 4.5-STABLE #8: Sat Mar 23 18:09:07 EET 2002 I do not have secondary IDE interface on my box. (it disabled in BIOS and disabled in kernel config). But new ATA driver occupy irq 15: atapci0: Intel PIIX4 ATA33 controller port 0xf000-0xf00f at device 7.1 on pci0 ata0: at 0x1f0 irq 14 on atapci0 ata1: at 0x170 irq 15 on atapci0 My multiport card use irq 15 and after disk mounting system die (in single user mode system work normal) Release 4.5 do not have this problem. How can I do to solve this trouble ??? -- Vladislav V. Zhuk (06267)3-60-03 [EMAIL PROTECTED] 2:[EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
I agree vigorously with Randy's point. If people want to play games, they can edit mergemaster or, as with everything else, we should have it dot an optional /etc/mergemaster.conf file after setting its defaults. Would /usr/bin/make buildworld do funny things if PATH were odd? On Sun, Mar 24, 2002 at 03:48:45PM -0800, Randy Bush wrote: I think giving mergemaster(8) a PATH that includes all of the tools it needs to run is not a lot to ask. it would more normal to this over-attenuated hacker to give commands explicit paths -- Barney Wolff I never met a computer I didn't like. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
RE: my system doesn't recognize the two cd-rom units i have
Even more odd I made a boot CD of 4.5-20020322-STABLE and I was able to boot from my IDE CD-ROM but then after I configured all the install settings I picked DVC/CD-ROM as the install media and I got CD-ROM not recongnized? It obviously can see it as it booted up the CD to begin with, odd thing is it can't see it after choosing the install settings, I didn't remove anything or add anything from the default devices it uses on the initial boot up? Anyone else experiencing this? Jorge On Sun, 24 Mar 2002, Willie Viljoen wrote: That should actually work fine... can you attatch the output from dmesg to an email for me? On Sun, 24 Mar 2002, Razvan Cremenescu wrote: well, i am aware of that, but it worked since now... what can i add to this:? # ATA and ATAPI devices device ata0at isa? port IO_WD1 irq 14 device ata1at isa? port IO_WD2 irq 15 device ata device atadisk # ATA disk drives device atapicd # ATAPI CDROM drives device atapifd # ATAPI floppy drives device atapist # ATAPI tape drives options ATA_STATIC_ID #Static device numbering i found this in LINT also. that's all there is. Razvan Cremenescu, = Network Operations Center Pitesti e-mail: [EMAIL PROTECTED] Tel:+40-48-250015 int. 25 +40-48-251112 int. 25 Mobile: +40-92-685805 = Terra Sat Comp Resita 1700 CS, Romania http://www.terrasat.ro [EMAIL PROTECTED] Tel:+40-55-220012 +40-55-220013 Fax:+40-55-220117 = To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message -- Willie Viljoen Private IT Consultant 214 Paul Kruger Avenue Universitas Bloemfontein 9321 South Africa +27 51 522 15 60, a/h +27 51 522 44 36 +27 82 404 03 27 [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
On Sun, Mar 24, 2002 at 03:48:45PM -0800, Randy Bush wrote: I think giving mergemaster(8) a PATH that includes all of the tools it needs to run is not a lot to ask. it would more normal to this over-attenuated hacker to give commands explicit paths Again, I think this is a bad idea. I see places one might want to take advangate of PATH. Example: You have a computer with two FreeBSD systems living on it. They are different versions. You totally bork one system and boot from the second system to repair the first. The mtree(8) files (or other tools) on the first system (the one being saved) are not compatible with the binaries on the running, recovery system. You can set the PATH as appropriate to run the binaries on the other system (in concert with -m and -D) and repair the messed up system despite incompatibilities. (Sure, you could still have compatibility problems, but this is one place you have the ability to configure it as you wish.) -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/| [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: top wrong again?
On Sunday 24 March 2002 05:10 pm, Jesse Geddis wrote: holy spam batman! it looks like majordomo is resending old messages. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dave Uhring Sent: Thursday, March 14, 2002 9:56 PM To: [EMAIL PROTECTED]; Jonathan Chen Cc: Kris Kennaway; [EMAIL PROTECTED] Subject: Re: top wrong again? On Thursday 14 March 2002 23:38, Jesse Geddis wrote: here, different machine while compiling the kernel. maybe this is more along the lines of the original email: With 90% idle, I'd expect to see most of your process running 0%; so there doesn't appear to be anything wrong with your top output. OK, then try this one. I'm running make buildworld on a 4.5-RELEASE system with sources CVSup'd about 1/2 hour ago. I didn't receive that one again. How come other people got it?? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Troubles with new ATA !!!
On Sun, 2002-03-24 at 02:53, Vladislav V. Zhuk wrote: My multiport card use irq 15 and after disk mounting system die (in single user mode system work normal) Release 4.5 do not have this problem. How can I do to solve this trouble ??? I believe you can possibly work around it by doing 'atacontrol detach 1' but I am not 100% certain. It should probably be fixed in the code but I don't know how to do that :) --- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au The nice thing about standards is that there are so many of them to choose from. -- Andrew Tanenbaum To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
RE: top wrong again?
was only the ppl in the original to: and cc: fields who did. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dave Uhring Sent: Sunday, March 24, 2002 4:17 PM To: [EMAIL PROTECTED]; Jonathan Chen Cc: Kris Kennaway; [EMAIL PROTECTED] Subject: Re: top wrong again? On Sunday 24 March 2002 05:10 pm, Jesse Geddis wrote: holy spam batman! it looks like majordomo is resending old messages. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dave Uhring Sent: Thursday, March 14, 2002 9:56 PM To: [EMAIL PROTECTED]; Jonathan Chen Cc: Kris Kennaway; [EMAIL PROTECTED] Subject: Re: top wrong again? On Thursday 14 March 2002 23:38, Jesse Geddis wrote: here, different machine while compiling the kernel. maybe this is more along the lines of the original email: With 90% idle, I'd expect to see most of your process running 0%; so there doesn't appear to be anything wrong with your top output. OK, then try this one. I'm running make buildworld on a 4.5-RELEASE system with sources CVSup'd about 1/2 hour ago. I didn't receive that one again. How come other people got it?? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
[no subject]
To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
RE: ATA MFC - Suspend/resume causes panicA
Ian Dowse - thanks for posting the patch. It works great and saved me a lot of pain. For the record, I have never anything like this before, and I've been doing stable builds on this same hardware since 4.2 (about every 6 weeks). My error was: ata0 resetting devices .. Fatal trap 12: page fault while in kernel mode fault virtual address = 0x70 fault code = supervisor read, page not present instruction pointer = 0x8:0xc01da9e8 stack pointer = 0x10:0xc03b56dc frame pointer = 0x10:0xc03b5700 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = Idle interrupt mask = net tty bio cam trap number = 12 panic: page fault To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
make: 1: Syntax error: ( unexpected
I am trying to update my 4.5-stable system, and I keep getting the error make: 1: Syntax error: ( unexpected I try to run make cleandir and it fails with that error message. Any of the other make commands that are executed in the /usr/src directory fail the exact same way. I have deleted all of /usr/src, and re cvsup'd, with same results. Been like this for about 10 days. I think I changed my make.conf, but I copied the one from /usr/src/etc/defaults to /etc/defaults. Dmesg, and my build script are at [http://www.theapt.org/freebsd.html] I'm fairly certain I messed up a config file or two, but I don't know what files I messed up. -- To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: make: 1: Syntax error: ( unexpected
On Sun, Mar 24, 2002 at 08:28:08PM -0800, Peter Hessler wrote: I am trying to update my 4.5-stable system, and I keep getting the error make: 1: Syntax error: ( unexpected The error text you're getting shows that you aren't using the standard make in /usr/bin. Looks like you're invoking GNU make instead - not a good idea; it should have been installed as gmake and not make. -- Jonathan Chen [EMAIL PROTECTED] --- One, with God, is always a majority, but many a martyr has been burned at the stake while the votes were being counted. -- Thomas B. Reed To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
On Sunday, March 24, 2002, at 06:48 , Randy Bush wrote: I think giving mergemaster(8) a PATH that includes all of the tools it needs to run is not a lot to ask. it would more normal to this over-attenuated hacker to give commands explicit paths Or at least have mergemaster extend PATH to include well-known directories if it couldn't find things in the current path that it needed. Joe To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
attempted exploits
wow, this person is quite effective. they've been trying this since this morning 4mins after i got my web server up. been doing it every half hour for 7 hours lol. trying to execute arbitrary Windows code on a FreeBSD server! [Sun Mar 24 20:41:55 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:05 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..À¯../winnt/system32/cmd.exe [Sun Mar 24 20:42:10 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:29 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:11 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/root.exe [Sun Mar 24 21:13:12 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/MSADC/root.exe [Sun Mar 24 21:13:13 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/c/winnt/system32/cmd.exe [Sun Mar 24 21:13:14 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/d/winnt/system32/cmd.exe [Sun Mar 24 21:13:15 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:17 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:19 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:20 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/s ystem32 /cmd.exe Jesse Geddis My fellow Americans, I've signed legislation that will outlaw Russia forever. We begin bombing in five minutes. --Ronald Reagan _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: make: 1: Syntax error: ( unexpected
In message: [EMAIL PROTECTED] Jonathan Chen [EMAIL PROTECTED] writes: : On Sun, Mar 24, 2002 at 08:28:08PM -0800, Peter Hessler wrote: : I am trying to update my 4.5-stable system, and I keep getting the : error make: 1: Syntax error: ( unexpected : : The error text you're getting shows that you aren't using the standard : make in /usr/bin. Looks like you're invoking GNU make instead - not a : good idea; it should have been installed as gmake and not make. It might also be due to a corrupt make binary. The kernel thinks it is a shell script... Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: attempted exploits
[Format recovered--see http://www.lemis.com/email/email-format.html] Log output wrapped. On Sunday, 24 March 2002 at 21:52:40 -0800, Jesse Geddis wrote: wow, this person is quite effective. they've been trying this since this morning 4mins after i got my web server up. been doing it every half hour for 7 hours lol. trying to execute arbitrary Windows code on a FreeBSD server! [Sun Mar 24 20:41:55 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:05 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..À¯../winnt/system32/cmd.exe [Sun Mar 24 20:42:10 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:29 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:11 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/root.exe [Sun Mar 24 21:13:12 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/MSADC/root.exe [Sun Mar 24 21:13:13 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/c/winnt/system32/cmd.exe [Sun Mar 24 21:13:14 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/d/winnt/system32/cmd.exe [Sun Mar 24 21:13:15 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:17 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:19 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:20 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe Nimda. http://www.cert.org/advisories/CA-2001-26.html Greg -- When replying to this message, please take care not to mutilate the original text. For more information, see http://www.lemis.com/email.html See complete headers for address and phone numbers To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
RE: attempted exploits
Welcome back Nimda! We have noticed a sharp rise in the number of attacks starting over the weekend here. Jarrod Sayers Information Technology Services Unit University of South Australia, Magill Campus. Phone: +61 8 8302 4809 http://people.unisa.edu.au/jarrod.sayers -Original Message- From: Jesse Geddis [mailto:[EMAIL PROTECTED]] Sent: Monday, 25 March 2002 4:23 PM To: FreeBSD-STABLE Subject: attempted exploits wow, this person is quite effective. they've been trying this since this morning 4mins after i got my web server up. been doing it every half hour for 7 hours lol. trying to execute arbitrary Windows code on a FreeBSD server! [Sun Mar 24 20:41:55 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:05 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..À¯../winnt/system32/cmd.exe [Sun Mar 24 20:42:10 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:29 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:11 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/root.exe [Sun Mar 24 21:13:12 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/MSADC/root.exe [Sun Mar 24 21:13:13 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/c/winnt/system32/cmd.exe [Sun Mar 24 21:13:14 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/d/winnt/system32/cmd.exe [Sun Mar 24 21:13:15 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:17 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:19 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:20 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/s ystem32 /cmd.exe Jesse Geddis My fellow Americans, I've signed legislation that will outlaw Russia forever. We begin bombing in five minutes. --Ronald Reagan _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
RE: attempted exploits
rotflol, I called the guy who owned this box (hit their web server got their phone number phone menus etc) and it was hilarious. I told him either someone is at his office screwing around or his box has been compromised. I portscanned his box and noticed how wide open it was so this was the assumption I followed. on top of the fact that I am not on his broadcast domain so its not regular windows NETBIOS Spam. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jarrod Sayers Sent: Sunday, March 24, 2002 9:58 PM To: '[EMAIL PROTECTED]'; FreeBSD-STABLE Subject: RE: attempted exploits Welcome back Nimda! We have noticed a sharp rise in the number of attacks starting over the weekend here. Jarrod Sayers Information Technology Services Unit University of South Australia, Magill Campus. Phone: +61 8 8302 4809 http://people.unisa.edu.au/jarrod.sayers -Original Message- From: Jesse Geddis [mailto:[EMAIL PROTECTED]] Sent: Monday, 25 March 2002 4:23 PM To: FreeBSD-STABLE Subject: attempted exploits wow, this person is quite effective. they've been trying this since this morning 4mins after i got my web server up. been doing it every half hour for 7 hours lol. trying to execute arbitrary Windows code on a FreeBSD server! [Sun Mar 24 20:41:55 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:05 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..À¯../winnt/system32/cmd.exe [Sun Mar 24 20:42:10 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..Á../winnt/system32/cmd.exe [Sun Mar 24 20:42:29 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:11 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/root.exe [Sun Mar 24 21:13:12 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/MSADC/root.exe [Sun Mar 24 21:13:13 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/c/winnt/system32/cmd.exe [Sun Mar 24 21:13:14 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/d/winnt/system32/cmd.exe [Sun Mar 24 21:13:15 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/scripts/..%5c../winnt/system32/cmd.exe [Sun Mar 24 21:13:17 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:19 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.e xe [Sun Mar 24 21:13:20 2002] [error] [client 63.198.148.139] File does not exist: /archive/www/cia/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/s ystem32 /cmd.exe Jesse Geddis My fellow Americans, I've signed legislation that will outlaw Russia forever. We begin bombing in five minutes. --Ronald Reagan _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: mergemaster mtree:No such file or directory
On Sun, 24 Mar 2002, Ryan Davis wrote: [...snip...] I've seen weird cases lately where the solution to some poor fool's port building problem is Take '.' out of your path. That's just NOT going to help us increase the usability of our favorite OS, is it? Having . in your PATH is a security risk. I don't have any problem making life difficult for people who have . in their PATH. -- Chris BeHanna Software Engineer (Remove bogus before responding.) [EMAIL PROTECTED] I was raised by a pack of wild corn dogs. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: make: 1: Syntax error: ( unexpected
It looks like the make executable is bunk. I am using bsd make, not gmake. Now I need to generate make w/o make. (yay!) At 10:56 PM -0700 3/24/2002, M. Warner Losh wrote: In message: [EMAIL PROTECTED] Jonathan Chen [EMAIL PROTECTED] writes: : On Sun, Mar 24, 2002 at 08:28:08PM -0800, Peter Hessler wrote: : I am trying to update my 4.5-stable system, and I keep getting the : error make: 1: Syntax error: ( unexpected : : The error text you're getting shows that you aren't using the standard : make in /usr/bin. Looks like you're invoking GNU make instead - not a : good idea; it should have been installed as gmake and not make. It might also be due to a corrupt make binary. The kernel thinks it is a shell script... Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message -- To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: make: 1: Syntax error: ( unexpected
In message: a05101001b8c474c19623@[208.201.244.160] Peter Hessler [EMAIL PROTECTED] writes: : It looks like the make executable is bunk. I am using bsd make, not : gmake. Now I need to generate make w/o make. (yay!) Been there, done that, hated it. Your best bet is to grab one off a cdrom or some other machine... And check other binaries to see if there were other oopses. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
