[Scottish] Re: time spent on Linux stuff...

[Gary]

babaguy wrote:
> Hi Gary,
>
> You might look up "Carnivore" on google, to see what it is, what it 
> does, and which OS has a built-in back door by which it intrudes and 
> eats up everything....
>
> - Paul
>
>
>

FYI, Carnivore bit the dust ages ago. It did not work.

On a side note, I noticed a mailserver I was asked to look over because 
it had some 'issues'. After spending some quality time on analysing the 
running processes, I saw one that was unfamiliar. The process was called 
echelond. It rang a bell, but did not know what it was. After my initial 
'ps -aux' the console beeped once or twice.

At this stage things were not clear as to what happened next. I recall 
answering the phone, but only to hear 'click' as if someone put the 
phone down or using a really old analogue phone. Thinking nothing of it, 
I went back to my process of finding out what hogged the resources on 
this server.

To my dismay I had missed the program exiting. Also, trying to figure 
out what where it came from (ie executed from /etc/rc.d) Well the 
machine was running a lot better. So I did not bother much. Later I 
used  some stuff from http://www.chkrootkit.org and rkhunter but they 
too did not show anything.

I am SURE I saw it.

Funny thing though, my modem no longer works on our phone line. Signal 
tests show too much degradation on the line. I had BT and co check the 
line several times. They would not tell me what was wrong except, your 
modem is bust or something. There is always a crackle on the line and no 
matter what, we cannot get it fixed.

Anyways, switching to cable was a lot easier, but my firewall shows lots 
of probes from machines that should not be contacting my machine.

-Gary