Security ad Latest GAIM
Well... this morning has been very interesting. I saw again that I had several copies of the quip solver going, and I was amazed to see that I had about 15 copies going full-steam. Several of them looked as though they had been run from the command-line. This seemed hard to believe because they all were run by nobody and yet they were run with options that my PHP code would never have generated. Very odd...
So I got to thinking - could it be that someone came in as nobody and started running it from the command line. Or someone could have built a new PHP script, placed it in my system and run it. So I checked last to see who's logged in - clear... then I searched for all possible PHP files - none that shouldn't be there. Very odd...
Then I noticed that the CPU usage didn't add up. In Solaris 7 there's an applet that shows CPU utilization and disk usage and it showed at least 20% usage when a ps -ef | sort -r -k 4 didn't show anything nearly that high. So I got to wondering if there might be a connection - in any case, things were looking very, very odd on sparky. So I did a reboot.
It took a long time to shutdown - there was clearly a serious problem with the machine. I then got him back up and saw that GAIM posted a new version that supposedly fixed a bug in the code that caused problems with X servers. This could certainly be part of the issue. So I got the latest GAIM and built it. The CPU utilization seems more under control and I can't imagine why the other quip-related stuff is happening. Maybe I'll put in a trap in the code to long who, what, when and then have a look at that. I can't imagine who might be doing this, but I was really surprised that I had all these quip solvers running when I know that they naturally timeout after 15 sec. Something must have been doing something kinda odd.
I also think I got crawled this morning. I looked at my web access log and there was someone trying to access robots.txt which is a dead give-away. Interesting... I've been hit by a search engine. It'll be fun to look in a day or two to see if it's been updated to Google or some other search engine.
Well... I found a little problem in the 0.11.0pre13 version of GAIM and posted a question regarding it to the SourceForge board. Eric responded quickly saying that it was indeed his fault. No biggie - it's just good to know that it isn't me.
Also, I've added a logging feature to the quip solver to hopefully fill in a few gaps in who's doing what when with these quip runs. Now I don't mind that someone wants to run the solver, that's why I put it up there, but I do want to make sure that someone is not trying to hack into my system and do serious ill.