On Sat, 3 Jan 2004, Erik Bourget wrote: > Guennadi Liakhovetski <g.liakhovetski@xxxxxx> writes: > > > On Fri, 2 Jan 2004, Erik Bourget wrote: > > > >> I had a very bizarre situation where four boxes in the same rack all > >> simultaneously (within 30 minutes) hard-locked with Oops messages. The > >> boxes > > > > An obvious idea - after reading an article about a break-in into Debian > > and others' boxes - sure you weren't cracked? > > Yeah, that was a concern and I'm relatively sure that's not the case because > > *) chkrootkit says so (mod some hidden processes that are reported by a bug in > chkrootkit according to Google) > > *) The crashy boxes were all installed with 2.4.23, not upgraded, so the big > Debian vulnerability didn't exist > > *) The only open ports to the outside world are running SMTP and POP3 as > non-root no-shell accounts, and it's running qmail which seems simple and > safe enough. Are you using ipchains ? There is a known problem with 2.4.23 and ipchains compatibility.
