Hacked or not ?
Peter C. Lai
sirmoo at cowbert.net
Fri May 21 12:58:09 PDT 2004
> ioctl(1,TIOCGETA,0xbfbff534) = 0 (0x0)
> ioctl(1,TIOCGWINSZ,0xbfbff5a8) = 0 (0x0)
> getuid() = 0 (0x0)
> readlink("etc/malloc.conf",0xbfbff490,63) ERR#2 'No such file or directory' #SUSPICIOUS
> mmap(0x0,4096,0x3,0x1002,-1,0x0) = 671666176 (0x2808d000)
> break(0x809b000) = 0 (0x0)
> break(0x809c000) = 0 (0x0)
> break(0x809d000) = 0 (0x0)
> break(0x809e000) = 0 (0x0)
> ...........................................................................................and so on!
Looks normal to me here...not really sure why that is suspicious to you.
(it's just trying to load malloc.conf for malloc options).
--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2200 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040521/0c325eba/smime.bin
More information about the freebsd-security
mailing list