My server had some apps running that should not have been there.
That is probably true. It's possible that Microsoft Windows(R) is one of them, in this case.
You have a hacker using your site to gather info on servers.
That doesn't ring true. Your machine is the one infected ....
The material you posted is not evidence of this. The FreeBSD ftp sites are public sites, and the alleged "hacker" <did you possibly mean "cracker" or "script kiddie" or "bad guy"?> appears to simply be, in your example, connecting to a number of known high speed ftp servers to mine data about your internet connectivity.
What are your plans to stop? What is your phone number and contact name?
The information for freebsd.org is, well, kind of where you'd expect it to be --- at the Project's web site.
Here is part of the script.
I note that it's a Windows script, so it is, I suppose, rather OT for this list....
Notice USA as the country.
I notice a number of countries mentioned. Considering the Internet is world wide, that's not surprising to me.
This is one of many batch files that were found on my server.
If it is your server, you should probably be asking yourself, "what about my server and configuration allowed these files to be placed there, and what can I do to both fix the situation now and see that it doesn't happen again?"
Perhaps you should look into running a more secure operating system on a server that is connected to a hostile Internet. Could we recommend a *BSD ?
Kevin Kinsey _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"