Well, it appears like we had a little malicious activity on the old OGF box
over the weekend.

Periodically, the box gets attacked by script kiddies who know it's a stock
RH 6 box and are hoping to get through the numerous security holes.  We keep
it pretty well patched (in fact, Steve is patching it some right now just in
case).  As far as we know, it hasn't been rootkitted.

When these attacks happen, the kids often do interesting things to cause
buffer overflows and disk space problems, and one of the tools they use
fills up my logfiles with garbage sendmail entries.  When they finally
manage to fill the 3 or 4 hundred megabyte logfile volume, sendmail barfs,
majordomo stops responding, the system response grinds to a halt, and I
usually start getting calls from people asking why the site is down.

Starting two days ago, we tried to bring it back up, and have only been
partially successful.  We're investigating the box now, looking for rootkits
and other bits of malicious code, and so far haven't found anything.  I
apologize if you've seen a bunch of test messages through the lists this
evening - I have not been receiving list traffic, and it now appears that
the problem might be on my end, not on the OGF box.  But we're not entirely
sure, so we're being safe rather than sorry.

Ah, the joys of ISP ownership, and having a cheapo computer dangling at the
end of an unsecured T3...

Ryan

-------------
For more information, please link to www.opengamingfoundation.org
