On Thu 2006-12-28 (22:10), David Todd wrote: > something's up, nothing in ports will write to a /tmp/download > directory, so either you or someone with root access did it.
thought as much :/ > I suggest: > checking /var/log/auth.log for attempted breachings i had a rough skim and nothing suspicious, wanted to know when this happened so i could scrutinise the logs better. > run sockstat and look for processes with ports open that shouldn't > have ports open. thx, had a look at that and netstat etc, everything's normal. > conftest cores ususally mean a ./configure was issued and parts of > said configure failed, them being so far apart suggests that some work > was done to the configure script to fix it. > > If you didn't install anything from ports at or around those periods > of time, then someone was running a configure script to build > something on the machine. ah. it could very well have been me, was compiling a lot've stuff around those 2 days. doesn't seem like portupgrade etc keeps logs to check. _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
