Active System Attack Alerts

From: Tom Arne Trovatn (tom_at_boksen.homeunix.net)
Date: 08/31/04


Date: Tue, 31 Aug 2004 14:48:52 +0200

Hi folks.
I got a mail from my FreeBSD 4.10 gateway machine with the rather
scary subject line ACTIVE SYSTEM ATTACK. The content of this mail is no
more reassuring.

Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Aug 31 00:04:41 gw /kernel: processor eflags = nested task, resume, IOPL = 0

Security Violations
=-=-=-=-=-=-=-=-=-=
Aug 31 00:04:41 gw /kernel: processor eflags = nested task, resume, IOPL = 0

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Aug 31 00:04:38 gw /kernel:
Aug 31 00:04:38 gw /kernel:
Aug 31 00:04:38 gw /kernel: Fatal trap 12: page fault while in kernel mode
Aug 31 00:04:38 gw /kernel: fault virtual address = 0xc0b5fb7f
Aug 31 00:04:38 gw /kernel: fault code = supervisor write, page not present
Aug 31 00:04:39 gw /kernel: instruction pointer = 0x8:0xc019213b
Aug 31 00:04:39 gw /kernel: stack pointer = 0x10:0xcd5aad8c
Aug 31 00:04:39 gw /kernel: frame pointer = 0x10:0xcd5aada0
Aug 31 00:04:39 gw /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b
Aug 31 00:04:39 gw /kernel: = DPL 0, pres 1, def32 1, gran 1
Aug 31 00:04:39 gw /kernel: processor eflags = interrupt enabled, resume, IOPL = 0
Aug 31 00:04:39 gw /kernel: current process = 81 (ppp)
Aug 31 00:04:39 gw /kernel: interrupt mask = net tty
Aug 31 00:04:39 gw /kernel: trap number = 12
Aug 31 00:04:39 gw /kernel: panic: page fault
Aug 31 00:04:39 gw /kernel:
Aug 31 00:04:39 gw /kernel: syncing disks... 5
Aug 31 00:04:39 gw /kernel:
Aug 31 00:04:39 gw /kernel: Fatal trap 12: page fault while in kernel mode
Aug 31 00:04:39 gw /kernel: fault virtual address = 0xc0b5fb7f
Aug 31 00:04:39 gw /kernel: fault code = supervisor write, page not present
Aug 31 00:04:39 gw /kernel: instruction pointer = 0x8:0xc019213b
Aug 31 00:04:39 gw /kernel: stack pointer = 0x10:0xcd5aaa64
Aug 31 00:04:39 gw /kernel: frame pointer = 0x10:0xcd5aaa78
Aug 31 00:04:39 gw /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b
Aug 31 00:04:39 gw /kernel: = DPL 0, pres 1, def32 1, gran 1
Aug 31 00:04:39 gw /kernel: processor eflags = interrupt enabled, resume, IOPL = 0
Aug 31 00:04:39 gw /kernel: current process = 81 (ppp)
Aug 31 00:04:39 gw /kernel: interrupt mask = net tty
Aug 31 00:04:39 gw /kernel: trap number = 12
Aug 31 00:04:39 gw /kernel: panic: page fault
Aug 31 00:04:39 gw /kernel: Uptime: 1h57m34s
Aug 31 00:04:39 gw /kernel:
Aug 31 00:04:39 gw /kernel:
Aug 31 00:04:39 gw /kernel: Fatal trap 12: page fault while in kernel mode
Aug 31 00:04:39 gw /kernel: fault virtual address = 0xc0b5fb7f
......

Does anyone know what's going on?
Tom Arne Trovatn
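An added triage example, not part of Tom's post and not code from FreeBSD or from the log monitor that produced the mail: the three headings ("Active System Attack Alerts", "Security Violations", "Unusual System Events") are the sections a keyword-based log monitor writes, and the only line promoted into the two alarming sections is the "processor eflags = nested task" register line from the kernel's trap dump. The script below groups the syslog'd "Fatal trap" dumps, pulls out the fields a practitioner needs (fault address, instruction pointer, faulting process, uptime), checks whether every trap hit the same address (a reproducible kernel bug rather than random corruption), checks that the faulting address lies in kernel space (KERNBASE is 0xc0000000 on i386 FreeBSD 4.x), and reports whether the monitor's keyword hits are nothing but those register lines. The keyword list is an assumption (the post does not show the monitor's patterns; "nested" is assumed to be the word that matched), and SAMPLE_LOG is the post's own dump with the mail wrapping undone and a few repeated lines dropped.

```python
import re

# Constructed sample input: the kernel messages quoted in the post, with the
# mail client's line-wrapping undone and a few repeated lines omitted.
SAMPLE_LOG = """\
Aug 31 00:04:38 gw /kernel:
Aug 31 00:04:38 gw /kernel: Fatal trap 12: page fault while in kernel mode
Aug 31 00:04:38 gw /kernel: fault virtual address = 0xc0b5fb7f
Aug 31 00:04:38 gw /kernel: fault code = supervisor write, page not present
Aug 31 00:04:39 gw /kernel: instruction pointer = 0x8:0xc019213b
Aug 31 00:04:39 gw /kernel: stack pointer = 0x10:0xcd5aad8c
Aug 31 00:04:39 gw /kernel: frame pointer = 0x10:0xcd5aada0
Aug 31 00:04:39 gw /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b
Aug 31 00:04:39 gw /kernel: = DPL 0, pres 1, def32 1, gran 1
Aug 31 00:04:39 gw /kernel: processor eflags = interrupt enabled, resume, IOPL = 0
Aug 31 00:04:39 gw /kernel: current process = 81 (ppp)
Aug 31 00:04:39 gw /kernel: interrupt mask = net tty
Aug 31 00:04:39 gw /kernel: trap number = 12
Aug 31 00:04:39 gw /kernel: panic: page fault
Aug 31 00:04:39 gw /kernel: syncing disks... 5
Aug 31 00:04:39 gw /kernel: Fatal trap 12: page fault while in kernel mode
Aug 31 00:04:39 gw /kernel: fault virtual address = 0xc0b5fb7f
Aug 31 00:04:39 gw /kernel: fault code = supervisor write, page not present
Aug 31 00:04:39 gw /kernel: instruction pointer = 0x8:0xc019213b
Aug 31 00:04:39 gw /kernel: stack pointer = 0x10:0xcd5aaa64
Aug 31 00:04:39 gw /kernel: processor eflags = interrupt enabled, resume, IOPL = 0
Aug 31 00:04:39 gw /kernel: current process = 81 (ppp)
Aug 31 00:04:39 gw /kernel: trap number = 12
Aug 31 00:04:39 gw /kernel: panic: page fault
Aug 31 00:04:39 gw /kernel: Uptime: 1h57m34s
Aug 31 00:04:41 gw /kernel: processor eflags = nested task, resume, IOPL = 0
"""

SYSLOG_PREFIX = re.compile(r"^\w{3}\s+\d{1,2} \d\d:\d\d:\d\d \S+ /kernel:\s?")
TRAP_HEADER = re.compile(r"^Fatal trap (\d+): (.*)$")
FIELD = re.compile(r"^([a-z ]+?)\s*=\s*(.*)$")
KERNBASE = 0xC0000000  # start of kernel virtual address space on i386 FreeBSD 4.x
# Assumption (the post does not show the monitor's pattern list): the monitor
# flagged the eflags line on the word "nested".
ATTACK_KEYWORDS = ("attack", "nested")


def parse_trap_dumps(text):
    """Group syslog'd kernel trap output into one dict per 'Fatal trap' dump."""
    dumps, current, last_key = [], None, None
    for raw in text.splitlines():
        m = SYSLOG_PREFIX.match(raw)
        if not m:
            continue  # not a kernel message
        line = raw[m.end():].strip()
        if not line:
            continue  # bare "/kernel:" separator line
        th = TRAP_HEADER.match(line)
        if th:  # a new register dump starts here
            current = {"trap": int(th.group(1)), "what": th.group(2), "fields": {}}
            dumps.append(current)
            last_key = None
            continue
        if current is None:
            continue  # kernel chatter outside any dump
        if line.startswith("panic:"):
            current["panic"] = line[6:].strip()
        elif line.startswith("Uptime:"):
            current["uptime"] = line[7:].strip()
            current = None  # dump complete; later lines are not part of it
        elif line.startswith("=") and last_key:
            current["fields"][last_key] += " " + line[1:].strip()  # wrapped continuation
        else:
            f = FIELD.match(line)
            if f:
                last_key = f.group(1).strip()
                current["fields"][last_key] = f.group(2).strip()
    return dumps


def triage(text):
    """Summarise the panic loop and check whether the 'attack' hits are only register dumps."""
    dumps = parse_trap_dumps(text)
    ips = {d["fields"].get("instruction pointer") for d in dumps}
    faults = {d["fields"].get("fault virtual address") for d in dumps}
    procs = {d["fields"].get("current process") for d in dumps}
    fault_addrs = [int(a, 16) for a in faults if a]
    ip = next(iter(ips)) if len(ips) == 1 and None not in ips else None
    hits = [ln for ln in text.splitlines() if any(k in ln.lower() for k in ATTACK_KEYWORDS)]
    return {
        "traps": len(dumps),
        # same IP and same bad address every time: a reproducible kernel bug
        "deterministic": len(ips) == 1 and len(faults) == 1 and None not in ips,
        "instruction_pointer": int(ip.split(":")[-1], 16) if ip else None,
        "fault_in_kernel_space": bool(fault_addrs) and all(a >= KERNBASE for a in fault_addrs),
        "process": next(iter(procs)) if len(procs) == 1 else sorted(p for p in procs if p),
        "uptime": next((d["uptime"] for d in dumps if "uptime" in d), None),
        "keyword_hits": hits,
        # every hit is a kernel eflags line, i.e. the monitor matched the trap dump itself
        "hits_are_register_dumps": bool(hits) and all("/kernel:" in ln and "eflags" in ln for ln in hits),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the post's dump this reports two complete traps at the same instruction pointer and the same fault address, in the context of process 81 (ppp), with the single keyword hit being a kernel eflags line. The next step on a 4.x box is the usual one, not something the post shows: map the instruction pointer to a symbol with `nm -n /kernel` and, if the panic recurs, set `dumpdev` in rc.conf so savecore keeps a crash dump that can be opened with `gdb -k` for a backtrace.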