Re: What is this in my syslog????????

To: debian-user@lists.debian.org
Subject: Re: What is this in my syslog????????
From: W Paul Mills <Paul-NOT@Mills-USA.com>
Date: Mon, 06 Nov 2006 10:53:00 -0600
Message-id: <[🔎] einpdp$qal$1@kristal.wpmills.com>
In-reply-to: <[🔎] 200611061813.45360.rose_snug@bigpond.com>
References: <[🔎] 200611061813.45360.rose_snug@bigpond.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

M-L wrote:
> I have this in my syslog while downloading the latest updates from Debian?
> 
> My computer drops off the modem. the modem is still connected but ppp is not, 
> the computer doesn't respond to being on the net/
> 
> I don't use chat and wonder if the machine is actually breached by intruders?
> 
> Charlie
> 
> Nov  6 17:59:41 taogypsy chat[7793]: Virus Infection and Unexpected Computer 
> Shutdowns^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Affected Software: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows NT Workstation ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows NT Server 4.0 ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows 2000   ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows XP  ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows Win98   ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows Server 2003^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Non Affected Software: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Microsoft Windows Millennium Edition^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]: Your system is affected, download the 
> patch from the address below ! ^M
> Nov  6 17:59:41 taogypsy chat[7793]: FIRST TYPE THE ADDRESS BELOW INTO YOUR 
> INTERNET BROWSER, THEN CLICK 'OK

All the above looks like stuff comming from your ISP.

> Nov  6 17:59:41 taogypsy chat[7793]:  -- got it

Your dial up scrip seems to be looking for an "OK" reply to a reset,
and it just got an "OK".

> Nov  6 17:59:41 taogypsy chat[7793]: send (ATDT0198308888^M)

Now the script is attempting to dial out.

> Nov  6 17:59:41 taogypsy chat[7793]: expect (CONNECT)

The script is now looking for a "CONNECT" message.

> Nov  6 17:59:41 taogypsy chat[7793]: '.^M
> Nov  6 17:59:41 taogypsy chat[7793]: THE ADDRESS WILL DISAPPEAR ONCE YOU 
> CLICK 'OK'.^M
> Nov  6 17:59:41 taogypsy chat[7793]: ^M
> Nov  6 17:59:41 taogypsy chat[7793]:                                                     
> www.patchupdate.info^M
> 

More stuff coming from your ISP.


Can not tell exactly what is going on here from the info
provided. But it does look like your connection drops,
then tries to redial while you are still connected to the
ISP.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFT2hpu4tRirKTPYwRAofFAJ4vqbw2D/9PvXHyMRwNpKe1bHR/uQCeMcIc
DrXgwZU0GfpSIxvFNV/bKkA=
=RpDO
-----END PGP SIGNATURE-----

begin:vcard
fn:W Paul Mills
n:Mills;W Paul
org:The Mills Chaos In The USA
adr:;;;Topeka;Kansas;;USA
email;internet:Paul-NOT@Mills-USA.com
title:Electronics Technician
note:Hint: remove -NOT
x-mozilla-html:FALSE
url:http://Mills-USA.com
version:2.1
end:vcard

Reply to:

References:
- What is this in my syslog????????
  - From: M-L <rose_snug@bigpond.com>

Prev by Date: Re: sony sucks
Next by Date: Re: quick scripting question - finding occurrence in many lines
Previous by thread: Re: What is this in my syslog????????
Next by thread: Re: cable modem connection slower then dial up
Index(es):
- Date
- Thread