[macaddict0001]

Last night i was surfing macnn, when out of the blue safari started using all available system resources, it was like i was running seti. so i had to quit safari because it was using too many resources to even load a page, or even switch tabs. ok then i quit safari. Checked all running processes, found two processes called httpd and httpd, user www, one was force quitable using activity monitor, the other one wouldn't force guit, I opened terminal used the command killall httpd, it didn't work then i tried sudo killall httpd, it finally quit. Then after that i checked what ports were open, i got everything as expected except for some reason the telnet port was open, do you think it was a hacker...
and if so could you help me, i have two firewalls my login password a router password and a password for my wireless network.
The router has a firewall that is set to deny packets not sent to a specific computer on the network, while my computers software firewall is only set to allow the ports 1024 and up, 631,515,548,427,139,80,22,21,20. i realize this is a lot but my router should still protect me right, and this is mac osx, are there any other possible causes?
How could a hacker get root privelidges? The only explaination is that someone hacked my wep password, or worse yet has physical access to the network. I had to reinstall safari because everytime i started it hogged resources, and the worst part is it kept looping the same instruction as far as i can tell, it might have been a virus that is designed to hog system resources which on a pentium 4 would slow the entire system to a stop because of its multithreading power.

[bgotori]

Hey macaddict0001

I noticed this also, after I logged of MacNN... Thought it was something they(MacNN)were testing... Started seeing thing slow down, and the memory used was almost 800mb of my 1gb of ram...

I just rebooted and everything was fine... Just checked and didn't notice anything running, but this was after the reboot, so if it was there it was cleared out(I hope)...


Thanks!!!

Brad

[larkost]

httpd is apache, and it should always run one process as root, and then child processes as www. This does not sound suspicious. I can't speak to the telnet port being open, or the issue with Safari.

[bgotori]

Hey larkost


Yea your right about that stuff, but why when I logged on then off this site my memory usage went up all most triple???


Thanks!!!

Brad

[macaddict0001]

hmmm odd so macnn kills safari sometimes? The odd process makes sense because i was doing some light apache stuff. I guess it was probably an irrational fear. Rebooting fixed it too, so this may be a macnn issue?

[tooki]

I've had Safari do that before on sites other than MacNN. It just happens on rare occasion, and it actually will work itself out and return to normal after a bit.

tooki

[macaddict0001]

Thats odd i've neverr experienced that before.

[Boondoggle]

Originally posted by macaddict0001:
...The only explaination is that someone hacked my wep password..

You really should be using WPA if your hardware supports it. WEP is highly porous.

[macaddict0001]

I realize that wep is not that good and is easy to hack, but my outdated router doesn't even support g so no.

[Boondoggle]

Originally posted by macaddict0001:
I realize that wep is not that good and is easy to hack, but my outdated router doesn't even support g so no.

have you checked for firmware updates? Sometimes you can add WPA to older hw. And new routers are pretty cheap these days.

bd

[macaddict0001]

I have all available firmware updates, no luck.