[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] SMTP problem / possible hack?
- Subject: Re: [cobalt-users] SMTP problem / possible hack?
- From: "oxfordmusic.net" <lists@xxxxxxxxxxxxxxx>
- Date: Tue Dec 9 05:58:13 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> This morning I started to receive calls from clients, telling me that they
> could not send email. On investigation I found out that users could not
send
> emails to anybody outside my Raq4 box, receiving a 'relaying denied
error'.
> I tested using Openwebmail, and this worked fine. I then rebooted the
> server, and all seems O.K. for the moment.
>
i have had problems with POPb4SMTP resetting itself on one of my RaQ4 boxes.
> However, a couple of other strange events have been happening recently.
>
> (1) I am getting regular Chkrootkit warnings such as:
> Checking `lkm'... You have 7 process hidden for readdir command
> You have 10 process hidden for ps command
> Warning: Possible LKM Trojan installed
>
> This does not happen on every Chkrootkit check, which happens every 12
hrs.
Chkrootkit can throw up a number of false positives. i believe that on a
fairly busy box this can be one of them (as processes die or are spawned
during the Chkrootkit process).
>
> (2) Also this morning I received this from the server
>
> ./md2.1ssl.gz: No such file or directory
> ./md4.1ssl.gz: No such file or directory
> ./md5.1ssl.gz: No such file or directory
> ./mdc2.1ssl.gz: No such file or directory
> ./ripemd160.1ssl.gz: No such file or directory
> ./sha.1ssl.gz: No such file or directory
> ./sha1.1ssl.gz: No such file or directory
> ./DES.7ssl.gz: No such file or directory
> ./Modes.7ssl.gz: No such file or directory
> ./of.7ssl.gz: No such file or directory
get these every week. i believe it's some manual files that are missing on
the RaQ and not too much to worry about.