
Re: Suspicious behavior: cracked or just a dying machine?



on Wed, Aug 15, 2001 at 05:01:38PM -0400, Andrew Perrin (aperrin@email.unc.edu) wrote:
> On Wed, 15 Aug 2001, Karsten M. Self wrote:
> 
> > on Wed, Aug 15, 2001 at 11:49:12AM -0400, Andrew Perrin (aperrin@email.unc.edu) wrote:
> > > Folks-
> > > 
> > > I just logged in (from work) to my home machine to copy a file I
> > > needed. It's behaving very weirdly, and I'd love some advice as to whether
> > > you think I've been cracked or it's likely just a hardware issue. I'd
> > > strongly prefer not to shut down remotely, but will do so rather than
> > > waiting until I get home tonight if y'all think that's what's appropriate.
> > 
> > Looks suspicious based on what you post, though I wouldn't put it past
> > bad memory.  The log is IIRC an old portmapper crack attempt.  Things to
> > do:

<...>

> > > However, mount shows it as rw:
> > 
> > How about /proc/mounts?  /etc/mtab is often out-of-date when other
> > issues exist with a system.  Particularly if / is mounted ro.
> > 
> > Note that most fstabs will remount / readonly if there are disk errors,
> > as the line below shows.

Note:  reply after quoted.  Trim quotes.

> Additional information:
> 
> - cat /proc/mounts returns an input/output error after a long wait.
> 
> - ps gives the following message before returning its output:
> nujoma:~# ps
> Warning: /boot/System.map-2.2.19pre17 not parseable as a System.map

Boot rescue media.  Check your memory, your disk, and your CPU.

Memory:  memtest86
Disk:	 fsck, badblocks (nondestructive mode).
CPU:	 compile a kernel (or something big) and watch for sig11 errors.

I strongly suspect HW issues.

I trust you can access the system with reasonable timeliness?

-- 
Karsten M. Self <kmself@ix.netcom.com>          http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?             There is no K5 cabal
  http://gestalt-system.sourceforge.net/               http://www.kuro5hin.org
   Free Dmitry! Boycott Adobe! Repeal the DMCA!    http://www.freesklyarov.org
Geek for Hire                        http://kmself.home.netcom.com/resume.html
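
The /proc/mounts versus /etc/mtab comparison suggested in the message above, as an added example that is not part of the original post: a shell function that reports mount points where the two tables disagree on rw/ro. The function names and the sample mount tables are constructed for illustration.

```shell
#!/bin/sh
# mount_state_diff MTAB KERNEL_MOUNTS
# Prints "<mountpoint> mtab=<rw|ro> kernel=<rw|ro>" for each mount point
# whose read-only state differs (output order is unspecified).
# Returns 0 on agreement, 1 on mismatch, 2 if a file cannot be read.
mount_state_diff() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    out=$(awk '
        # Match the option "ro" exactly, so that "errors=remount-ro"
        # in an mtab line is not mistaken for a read-only mount.
        function state(opts,    n, i, a) {
            n = split(opts, a, ",")
            for (i = 1; i <= n; i++) { if (a[i] == "ro") return "ro" }
            return "rw"
        }
        # Field 2 is the mount point, field 4 the option list.
        FNR == NR { m[$2] = state($4); next }   # first file: mtab
        ($2 in m) { k[$2] = state($4) }         # second file: kernel view
        END {
            for (p in k) {
                if (k[p] != m[p]) printf "%s mtab=%s kernel=%s\n", p, m[p], k[p]
            }
        }
    ' "$1" "$2") || return 2                    # e.g. an I/O error while reading
    if [ -n "$out" ]; then printf '%s\n' "$out"; return 1; fi
    return 0
}

# Constructed sample: mtab still says / is rw, the kernel has remounted it ro.
mount_state_demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' \
        '/dev/hda1 / ext2 rw,errors=remount-ro 0 0' \
        'proc /proc proc rw 0 0' \
        '/dev/hda3 /home ext2 rw 0 0' > "$d/mtab"
    printf '%s\n' \
        '/dev/hda1 / ext2 ro 0 0' \
        'proc /proc proc rw 0 0' \
        '/dev/hda3 /home ext2 rw 0 0' > "$d/mounts"
    mount_state_diff "$d/mtab" "$d/mounts"; rc=$?
    rm -rf "$d"
    return "$rc"
}

mount_state_demo || :
```

On a live system the call would be `mount_state_diff /etc/mtab /proc/mounts`.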
