Date: Mon, 19 Apr 2004 09:22:52 -0400 From: "JJB" <Barbish3@adelphia.net> To: "James T. Harrison" <james@aricsi.com>, <freebsd-questions@FreeBSD.org> Subject: RE: comments Message-ID: <MIEPLLIBMLEEABPDBIEGEEEIFMAA.Barbish3@adelphia.net> In-Reply-To: <000801c4260a$ab688a20$87312330@icsi.local>
next in thread | previous in thread | raw e-mail | index | archive | help
Bud
Your MS/windows box is the one that has been compromised.
Your problem has nothing to do with FreeBSD org, or the FBSD
operating system.
You need Norton personal firewall and virus checker to cleanup your
system and stop it from happening again.
-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of James T.
Harrison
Sent: Monday, April 19, 2004 8:35 AM
To: freebsd-questions@FreeBSD.org
Subject: comments
My server had some apps running that should not have been there.
You have a hacker using your site to gather info on servers.
What are your plans to stop? What is your phone number and contact
name?
Here is part of the script. Notice USA as the country. This is one
of many batch files that were found on my server.
@echo off
echo
*-------------------------------------------------------------------
*>info.txt
echo *--Computer
--*>>info.txt
echo
*-------------------------------------------------------------------
*>>info.txt
psinfo.exe -d >>info.txt
echo
*-------------------------------------------------------------------
*>>info.txt
echo *--List of Current Processes
--*>>info.txt
echo
*-------------------------------------------------------------------
*>>info.txt
pslist.exe>>info.txt
echo
*-------------------------------------------------------------------
*>>info.txt
echo *--Result of speed test from various
--*>>info.txt
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: DENMARK >>info.txt
ftpc.exe -n -A -s:ftpc.cmds ftp.dk.FreeBSD.org >Status-1of15
findstr /C:"bytes rec" Status-1of15>>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: GERMANY >>info.txt
del Status-1of15
ftpc.exe -n -A -s:ftpc.cmds ftp.de.freebsd.org >Status-2of15
findstr /C:"bytes rec" Status-2of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: NETHERLANDS >>info.txt
del Status-2of15
ftpc.exe -n -A -s:ftpc.cmds ftp2.nl.freebsd.org >Status-3of15
findstr /C:"bytes rec" Status-3of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: USA >>info.txt
del Status-3of15
ftpc.exe -n -A -s:ftpc.cmds ftp1.FreeBSD.org >Status-4of15
findstr /C:"bytes rec" Status-4of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: USA2 >>info.txt
del Status-4of15
ftpc.exe -n -A -s:ftpc2.cmds ftp.lucasarts.com >Status-5of15
findstr /C:"bytes rec" Status-5of15 >>info.txt
del Indyprev.zip
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: Canada >>info.txt
del Status-5of15
ftpc.exe -n -A -s:ftpca.cmds ftp.crc.ca >Status-6of15
findstr /C:"bytes rec" Status-6of15 >>info.txt
del latest-defs.exe
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: SWEDEN >>info.txt
del Status-6of15
ftpc.exe -n -A -s:ftpc.cmds ftp.se.FreeBSD.org >Status-7of15
findstr /C:"bytes rec" Status-7of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: UK >>info.txt
del Status-7of15
ftpc.exe -n -A -s:ftpc.cmds ftp.uk.FreeBSD.org >Status-8of15
findstr /C:"bytes rec" Status-8of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: FRANCE >>info.txt
del Status-8of15
ftpc.exe -n -A -s:ftpc.cmds ftp8.fr.FreeBSD.org >Status-9of15
findstr /C:"bytes rec" Status-9of15 >>info.txt
del ncurses.tar.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: NL 2 >>info.txt
del Status-9of15
ftpc.exe -n -A -s:ftpco.cmds 194.171.240.20 >Status-10of15
findstr /C:"bytes rec" Status-10of15 >>info.txt
del patch-2.4.19.gz
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: NL 3 >>info.txt
del Status-10of15
ftpc.exe -n -A -s:ftpce.cmds ftp.euronet.nl >Status-11of15
findstr /C:"bytes rec" Status-11of15 >>info.txt
del 5M.bin
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: NL 4 >>info.txt
del Status-11of15
ftpc.exe -n -A -s:ftpcy.cmds ftp.chello.nl >Status-12of15
findstr /C:"bytes rec" Status-12of15 >>info.txt
del LT.zip
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: NO >>info.txt
del Status-12of15
ftpc.exe -n -A -s:ftpcx.cmds ftp.no.FreeBSD.org >Status-13of15
findstr /C:"bytes rec" Status-13of15 >>info.txt
del MBM5300.EXE
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: AT >>info.txt
del Status-13of15
ftpc.exe -n -A -s:ftpch.cmds ftp.chello.at >Status-14of15
findstr /C:"bytes rec" Status-14of15 >>info.txt
del dx5ger.exe
echo
*-------------------------------------------------------------------
*>>info.txt
echo COUNTRY: HU >>info.txt
del Status-14of15
ftpc.exe -n -A -s:ftpch.cmds ftp.chello.hu >Status-15of15
findstr /C:"bytes rec" Status-15of15 >>info.txt
del dx5ger.exe
del Status-15of15
echo *----------------------------------
DONE ---------------------------*>>info.txt
echo . > "+Speed Test Complete"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGEEEIFMAA.Barbish3>