[Previo por Fecha] [Siguiente por Fecha] [Previo por Hilo] [Siguiente por Hilo]
[Hilos de Discusión] [Fecha] [Tema] [Autor]
Chavos!!!
Bueno por algunas razones habia apagado el sendmail de mi server y hace un
momento teclee: sendmail -q
nada mas para mandar el email que tenia pendiente!
entonces me llego el siguiente email de error!
Date: Wed, 4 Apr 2001 20:28:04 -0500
From: Mail Delivery Subsystem <MAILER-DAEMON en xxxx xxxx xxx>
To: root en xxx xxxxxxxx xxx
Subject: Warning: could not send message for past 4 hours
Parts/Attachments:
1 Shown 15 lines Text
2 Shown 301 bytes Message, "Delivery Status"
3 Shown 20 KB Message, "xxx.xxx.xxx.xxx"
3.1 Shown 920 lines Text
----------------------------------------
**********************************************
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
**********************************************
The original message was received at Wed, 4 Apr 2001 13:29:51 -0500
from root@localhost
----- The following addresses had transient non-fatal errors -----
adore9000 en sina com
----- Transcript of session follows -----
adore9000 en sina com... Deferred: mail.sina.com.cn.: No route to host
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old
[ Part 2: "Delivery Status" ]
Reporting-MTA: dns; thor.celnet.com.mx
Arrival-Date: Wed, 4 Apr 2001 13:29:51 -0500
Final-Recipient: RFC822; adore9000 en sina com
Action: delayed
Status: 4.4.1
Remote-MTA: DNS; mail.sina.com.cn
Last-Attempt-Date: Wed, 4 Apr 2001 20:28:04 -0500
Will-Retry-Until: Mon, 9 Apr 2001 13:29:51 -0500
[ Part 3: "Included Message" ]
Date: Wed, 4 Apr 2001 13:29:51 -0500
From: root <root>
To: adore9000 en sina com
Subject: xxx.xxx.xxx.xxx
/**************************HOST IP*****************************/
eth0 Link encap:Ethernet HWaddr 00:50:04:D0:C4:2B
inet addr:xxx.xx.xx.x Bcast:xxx.xx.xx.x Mask:xxx.xxx.xxx.xxx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5059512 errors:2 dropped:0 overruns:0 frame:3
TX packets:5375073 errors:0 dropped:0 overruns:0 carrier:25
collisions:85489 txqueuelen:100
Interrupt:10 Base address:0x6500
eth0:0 Link encap:Ethernet HWaddr 00:50:04:D0:C4:2B
inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0x6500
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:85311 errors:0 dropped:0 overruns:0 frame:0
TX packets:85311 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
/**************************PS*********************************/
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1324 124 ? S Mar24 0:06 init [3]
root 2 0.0 0.0 0 0 ? SW Mar24 0:03 [kflushd]
root 3 0.0 0.0 0 0 ? SW Mar24 0:08 [kupdate]
root 4 0.0 0.0 0 0 ? SW Mar24 0:00 [kpiod]
root 5 0.0 0.0 0 0 ? SW Mar24 0:01 [kswapd]
root 6 0.0 0.0 0 0 ? SW< Mar24 0:00
[mdrecoveryd]
blah blah blah!!!
root 9634 0.0 0.7 2100 1020 ? S 13:27 0:00 /bin/sh
root 9657 1.2 0.7 1880 908 ? S 13:29 0:00 sh
./start.sh
root 9686 0.0 0.3 1340 480 ? S 13:29 0:00 klogd
root 9688 0.0 0.7 2776 904 ? R 13:29 0:00 adore -aux
/**************************HISTORY***************************/
< aqui viene mi history de root >
/************************HOSTS*****************************/
< viene mi file de hosts >
/************************PASSWD***************************/
Viene mi archivo de Passwds!
Parece ser que es un gusano...
por bind, no he podido actualizar pero lo hare.
Tecleo:
# top
y me sale lo siguiente:
17413 root 20 5 420 420 344 R N 28,6 0,3 1:09 pscan-lprng
17333 root 20 5 404 404 344 R N 28,4 0,3 6:25 pscan-bind
17329 root 15 5 404 404 344 R N 26,9 0,3 6:27 pscan-statdx
# netstat -tna
tcp 0 1 xxx.xxx.xxx.xxx:2499 98.14.178.142:53
y asi se repite con varios hosts!
Que puedo hacer?
Miguel.
P.D. Disculpen el "gran" email!!
---------------------------------------------------------
para salir de la lista, enviar un mensaje con las palabras
"unsubscribe ayuda" en el cuerpo a majordomo en linux org mx