This item is for system problems.  If something on Grex isn't working 
right (line noise on a modem, weird behavior from a program, etc.), 
this is the place to announce it.  Except for security holes.  If you 
find a hole in system security, mail information about it to "staff".

251 responses total.

Grex's version of "w" is retarded.  I can't even order the output by idle
time.

(I realize that's not a system problem for most of you)

You're fat.

Re #1:  You don't know how to use "sort"?

I don't know if this is expected behavior or not, but as I hadn't logged
on grex regularly in some time, I figured I'd report it.  I probably
haven't logged on interactively (ssh/telnet) in over a year, but when I
just attempted to do so, ssh rejected my password.  I finally tried
telnet and found that my password had expired so it required me to
change it.  Now, if grex at some point drops telnet (as I'm sure is
eventually bound to happen, though probably not remotely soon), this
could be a problem.  I guess that apache doesn't prompt you and actually
lets you login with an expired password, and telnet tells you it's been
expired, but ssh is oblivious.  Anyway, I'm just reporting that issue.

It's known; I think it's a limit in ssh, itself.

The load average was up to 168 a few minutes ago, but it seems to be
dropping now.
  9:01am  up 26 days, 14:09,  27 users,  load average: 158.47, 159.66,
155.52

Also, this may be related, but Backtalk was just prompting me endlessly for
a password.

Currently:
  9:37am  up 26 days, 14:45,  28 users,  load average: 18.75, 33.39, 66.41
but Grex is still extremely slow.

settled down now ...
  
 1:08pm  up 26 days, 18:16,  44 users,  load average: 5.09, 4.11, 3.69
  
on the m-b0x late last night there was cgi mailbomb process
running that ran load into the high 100s also. 

apache often will not authenticate properly when the load is too high. 
I'm not sure if the password files lock or what, but it happens.

grex has been very, VERY s-l--o---w this afternoon........

No shit.

This response has been erased.

Geez.

Uh, right.  When did you become a Grex staffer, Todd?

krj is a hacker!

Why is grex denying logins?

hmm.... You logged in to enter your response, no?  So maybe the problem was
fixed?

BACKTALK!

I'm surprised that it makes a difference.

(I was surprised that it made a difference as well, but it did.)

(on the bright side, whatever "vandal maintenance" took place appears to
have worked.  Grex is humming along right now.)

What was the vandal Maintance STeve?

Its 10:10am on Jan. 1st, and when i connect to grex and login, it 
disconnects me.  What kind of System Maintance is now happening?

10:15am  up 14 mins,  2 users,  load average: 1.80, 1.85, 1.55

0 waiting, 2 remote + 1 local users; 72 max remote users

Login      Name               TTY  Idle  Login Time   Location   Work 
Phone
noot     Scott Helmke's Root   p1        Jan  1 10:14
root     Operator              p0        Jan  1 10:13

resp:20: If the webserver is up, you should be able to login and use
backtalk.  If logins are disabled, you just can't login, likely because
someone is working to clear up whatever was causing the problems that
made them reboot grex.  They'd want to make sure those scripts are gone,
logins are disabled, and possibly networks are blocked so they can
prevent the person from coming right back and starting again.

Valerie Comeing to Save GREX!!!!!!


Login      Name               TTY  Idle  Login Time   Location   Work 
Phone
noot     Scott Helmke's Root   p1        Jan  1 10:14
valerie  Valerie Mates        *s0        Jan  1 10:21      Happy 
Everything!

The Webserver is Obviously up, Or how would i be entering items, or how 
would people read them.

Really nasty vandal - but I think we've managed to deal with it.

grex is up at 10:54
appeared to be another attack early this morning!!!!!

While grex is preventing Vandals, Mnet is letting them on their 
systems, after the mailbombing cgi script
Login: kap                              Name: kap de kuk
Directory: /home/guest/kap              Shell: /bin/bash
On since Wed Jan  1 10:48 (EST) on ttypk, idle 0:08, from 203.111.194.11
No Mail.
Plan: Alternate Email: neuro@pula.com
bash-
2.05a$                                                                  
  

Thanks, Scott.

I'm not sure if the user kap is still allowed to log on.  Finger information
shows up even if the user is splatted.

resp:33   READ CLOSER
On since Wed Jan  1 10:48 (EST) on ttypk, idle 0:08, from 203.111.194.11

In the past day or so I have received five (5) copies of happy.scr from
azhar.rajput@sympatico.ca.  If other people have been receiving these, can
the filter be set to reject mail from this idiot?  Is happy.scr the
screensaver it claims to be or some virus on another machine?  The mails are
47K and I have to empty my mailbox regularly to keep it functional.

Can someone explain again, in detail, how to use procmail.  I just got a sixth
copy of the above spam, all 49K with header and message.

Would it work to create a file in my home directory called .procmailrc
and put into it the lines  :0      * ^From:azhar.rajput*      /dev/null
(These are three separate lines but I cannot type a line starting with a colon
into bbs.)

RE:37 
You might have to put something in your .forward to make it work.  You can
also put a space before the gate prompt if you are entering special
characters, like:
 !
 :

So what is .forward supposed to look like?
I think procmail should be included in something like the CHANGE program so
that all we beginners can use it more easily.  Any volunteers to do this?
I put those lines in a file .procmailrc (also * before the from address
since it comes as azhar rajput <azhar.rajput.....> and at least it is not
blocking normal mail (I sent myself a test mail).  The man page for procmail
also said to put -m somewhere, but I could not understand most of it.

- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss