Chad Perrin wrote:
then updatedb and locate sploger so you're using
As was pointed out earlier in the thread, you can easily delete a file
after running it, so whatever was running may not exist on the disk any
more.
Also, it is completely trivial to change the name shown by ps simply by
If a simple 'locate sploger' shows nothing(run `periodic weekly` which
will update your locate database assuming you're keeping things
relatively stock), then in all likelihood you've got an intruder. If
some of the other tips posted give no help, and you've got time on your
hands, try `grep
On Thu, Oct 18, 2007 at 01:04:38AM -0500, Joshua Isom wrote:
If a simple 'locate sploger' shows nothing(run `periodic weekly` which
will update your locate database assuming you're keeping things
relatively stock), then in all likelihood you've got an intruder. If
some of the other tips
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is sploger?
Sploger:
someone with little or
On Tuesday 16 October 2007, Jack Raats said:
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is
On Wed, October 17, 2007 08:44, Beech Rintoul wrote:
On Tuesday 16 October 2007, Jack Raats said:
What is sploger?
Jack
I believe that's part of qmail.
No, that's splogger.
Peter
--
http://www.boosten.org
___
Jack Raats wrote:
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is sploger?
# locate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/17/07, Jack Raats wrote:
What is sploger?
IIRC, you can also do something like:
# pkg_info -p `which sploger`
That'll tell you what port owns that file at least.
- --
Andy Harrison
public key: 0x67518262
-BEGIN PGP SIGNATURE-
On Wed, Oct 17, 2007 at 07:14:07AM +0200, Jack Raats wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is
The stangest thing is that I cann't find sploger on my system. After a
reboot sploger doesn't appear anymore, which makes it more stranger.
So you have done a:
find / -name sploger -type f
And nothing comes up? If that's the case, it sounds like it was a perl
script that was run, then
On Wed, 2007-10-17 at 22:05 +0200, Jack Raats wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger
Jack Raats wrote:
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is sploger?
Looks sort of
--On Wednesday, October 17, 2007 16:15:27 -0400 Josh Carroll
[EMAIL PROTECTED] wrote:
The stangest thing is that I cann't find sploger on my system. After a
reboot sploger doesn't appear anymore, which makes it more stranger.
So you have done a:
find / -name sploger -type f
And nothing
On Wed, 2007-10-17 at 16:07 -0500, Paul Schmehl wrote:
--On Wednesday, October 17, 2007 16:15:27 -0400 Josh Carroll
[EMAIL PROTECTED] wrote:
The stangest thing is that I cann't find sploger on my system. After a
reboot sploger doesn't appear anymore, which makes it more stranger.
So
--On Wednesday, October 17, 2007 23:51:39 +0200 Peo Nilsson
[EMAIL PROTECTED] wrote:
I scanned my FreeBSD 6.2-Release (ports up to date) with
Avira Antivir personal ed, some days ago. The scanner returned
this:
...snap
checking drive/path (cwd): /
Looks sort of like a Perl script running.
That, of course, doesn't say what it is doing.
The stangest thing is that I cann't find sploger on my system. After a
reboot sploger doesn't appear anymore, which makes it more stranger.
Post output of:
# last
# cat /root/.history
# ls -la /root
#
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
HI
Can anyone explain this after ps -ax | grep perl
21893 ?? I 1:02.37 sploger (perl5.8.8)
29536 ?? R184:14.94 sploger (perl5.8.8)
29538 ?? R184:36.44 sploger (perl5.8.8)
30668 ?? R168:56.54 sploger (perl5.8.8)
What is
18 matches
Mail list logo