I'm posting this purely as a cautionery note, and it may or may not relate your problem. An friend of mine has had a similar problem on his firewall system. Also, some services stop working - probably library based, and people have had trouble logging into the system. Today, it was finally tied down to the fact that someone had broken into his system - probably through bind, although he was running a recent version, 8.2.2-P3. The problems were apparent, because a number of the commands, such as 'ps' and 'ls' had been replaced by versions compiled on another box. For those who wish to check, try to cd into #/usr/src/.puta. Don't try to 'ls' it because it won't show it. Apparently, the 'cd' command hasn't been altered, presumably because the cracker needed it to get back all the user ID/passwords it was harvesting every time popd, telnetd etc. was used. On Friday 02 March 2001 11:18 am, Alex Brett wrote:
I tried to do a ps recently and got the following error:
[rebuke@Linux rebuke]$ ps -ef | grep squid ps: can't load library 'libc.so.5'
Any ideas?
-- Gary Stainburn This email does not contain private or confidential material as it may be snooped on by interested government parties for unknown and undisclosed purposes - Regulation of Investigatory Powers Act, 2000