Redhat problem
Lisa Casey
lisa at jellico.com
Tue Jan 17 21:19:06 UTC 2006
Hi,
I'm running Redhat 7.2 This computer functions as a Radius server (cistron radius 1.6.7) and as a mail server (sendmail 8.12.6) which also runs MIMEDefang 2.48 and SpamAssassin version 3.0.1 running on Perl version 5.8.5. I have openssl 0.9.6b
I attempted to upgrade to openssl 0.9.8a (I downloaded the tarball, did a config, make, make test and make install all of which ran without error but after rebooting trhe machine it still reports openssl 0.9.6b). This machine has run flawlessly for a couple of years but since this weekend I have seen a number of problems.
Example: in my maillog from today there were numerous entries such as this:
Jan 17 04:05:08 Raydeus-Dee sendmail[24825]: rejecting connections on daemon MTA: load average: 34
Jan 17 04:05:21 Raydeus-Dee sendmail[3863]: k0H90GBb003863: Milter (mimedefang): timeout before data read
Jan 17 04:05:21 Raydeus-Dee sendmail[3844]: k0H90EBb003844: Milter (mimedefang): timeout before data read
I verified that the load average was 34, on this machine it usually varies from 0.something to about 5.something
I have chkrootkit 0.44 on here and if I run that I get:
Checking `slapper'... Warning: Possible Slapper Worm installed
although I don't see any files in /tmp that I was told to look for when I googled slapper. At one time today when I was running top, I thought I saw an entry for httpd which is odd since Apache is not installed on this system.
What should I look for to try to determine what's going on? How can I tell for sure if the system is infected? Is there a good antivirus I can install on this system that can clean an infection?
Thanks,
Lisa Casey
More information about the redhat-list
mailing list