I have version 2.7 standalone
My firewall is reporting issues as follows which concern me. It appears that when the runcrawl.php is run a cron job, it "talks" to IP 83.170.104.103 which is hosted by xml-sitemaps.com
I am not a programmer, just a web site designer, but I wonder if it can be confirmed that there is "no problem" here. I have had a look at runcrawl.php and it is coded, so one can not see what is going on. Is it a "security feature" of the programme to ensure that it is a legit copy, or something like that
Here is an example of an email I receive from my firewall
Time: Thu Dec 6 07:01:04 2007
PID: 4472
Account: xxx
Uptime: 62 seconds
Executable:
/usr/local/bin/php
Command Line (often faked in exploits):
/usr/local/bin/php /home/xxx/public_html/blog/sitemap/runcrawl.php
Network connections by the process (if any):
tcp: xx.xxx.xxx.xx:60857 -> 83.170.104.103:80
Files open by the process (if any):
/tmp/ZCUDT6Or8S (deleted)
/tmp/sess_9030755ce348fdeafe98ab59f54eb919
Memory maps by the process (if any):
00101000-001dc000 r-xp 00000000 08:05 606729 /usr/X11R6/lib/libX11.so.6.2
001dc000-001e0000 rw-p 000db000 08:05 606729 /usr/X11R6/lib/libX11.so.6.2
001e0000-001e2000 r-xp 00000000 08:05 722250 /usr/local/Zend/lib/ZendExtensionManager.so
001e2000-001e3000 rw-p 00002000 08:05 722250 /usr/local/Zend/lib/ZendExtensionManager.so
00231000-00254000 r-xp 00000000 08:05 521295 /usr/lib/libpng12.so.0.1.2.7
00254000-00255000 rw-p 00022000 08:05 521295 /usr/lib/libpng12.so.0.1.2.7
004aa000-004ae000 r-xp 00000000 08:05 5046316 /lib/libnss_dns-2.3.4.so
004ae000-004af000 r--p 00003000 08:05 5046316 /lib/libnss_dns-2.3.4.so
004af000-004b0000 rw-p 00004000 08:05 5046316 /lib/libnss_dns-2.3.4.so
00625000-00669000 r-xp 00000000 08:05 1081758 /usr/lib/php/extensions/ioncube_loader_lin_4.4.so
00669000-0066e000 rw-p 00043000 08:05 1081758 /usr/lib/php/extensions/ioncube_loader_lin_4.4.so
0085c000-00872000 r-xp 00000000 08:05 5049248 /lib/ld-2.3.4.so
00872000-00873000 r--p 00015000 08:05 5049248 /lib/ld-2.3.4.so
00873000-00874000 rw-p 00016000 08:05 5049248 /lib/ld-2.3.4.so
00876000-0099c000 r-xp 00000000 08:05 5049249 /lib/tls/libc-2.3.4.so
0099c000-0099e000 r--p 00125000 08:05 5049249 /lib/tls/libc-2.3.4.so
0099e000-009a0000 rw-p 00127000 08:05 5049249 /lib/tls/libc-2.3.4.so
009a0000-009a2000 rw-p 009a0000 00:00 0
009a4000-009a6000 r-xp 00000000 08:05 5049252 /lib/libdl-2.3.4.so
009a6000-009a7000 r--p 00001000 08:05 5049252 /lib/libdl-2.3.4.so
009a7000-009a8000 rw-p 00002000 08:05 5049252 /lib/libdl-2.3.4.so
009aa000-009cb000 r-xp 00000000 08:05 5049254 /lib/tls/libm-2.3.4.so
009cb000-009cc000 r--p 00020000 08:05 5049254 /lib/tls/libm-2.3.4.so
009cc000-009cd000 rw-p 00021000 08:05 5049254 /lib/tls/libm-2.3.4.so
009cf000-009de000 r-xp 00000000 08:05 512571 /usr/lib/libz.so.1.2.1.2
009de000-009df000 rw-p 0000e000 08:05 512571 /usr/lib/libz.so.1.2.1.2
009e1000-009e6000 r-xp 00000000 08:05 5049258 /lib/libcrypt-2.3.4.so
009e6000-009e7000 r--p 00004000 08:05 5049258 /lib/libcrypt-2.3.4.so
009e7000-009e8000 rw-p 00005000 08:05 5049258 /lib/libcrypt-2.3.4.so
009e8000-00a0f000 rw-p 009e8000 00:00 0
00a11000-00a1f000 r-xp 00000000 08:05 606797 /usr/X11R6/lib/libXpm.so.4.11
00a1f000-00a20000 rw-p 0000e000 08:05 606797 /usr/X11R6/lib/libXpm.so.4.11
00a35000-00a48000 r-xp 00000000 08:05 5049257 /lib/libnsl-2.3.4.so
00a48000-00a49000 r--p 00012000 08:05 5049257 /lib/libnsl-2.3.4.so
00a49000-00a4a000 rw-p 00013000 08:05 5049257 /lib/libnsl-2.3.4.so
00a4a000-00a4c000 rw-p 00a4a000 00:00 0
00a4e000-00a5d000 r-xp 00000000 08:05 5046397 /lib/libresolv-2.3.4.so
00a5d000-00a5e000 r--p 0000f000 08:05 5046397 /lib/libresolv-2.3.4.so
00a5e000-00a5f000 rw-p 00010000 08:05 5046397 /lib/libresolv-2.3.4.so
00a5f000-00a61000 rw-p 00a5f000 00:00 0
00a86000-00a93000 r-xp 00000000 08:05 606754 /usr/X11R6/lib/libXext.so.6.4
00a93000-00a94000 rw-p 0000c000 08:05 606754 /usr/X11R6/lib/libXext.so.6.4
00a96000-00ad6000 r-xp 00000000 08:05 514885 /usr/lib/libmysqlclient.so.14.0.0
00ad6000-00bc8000 rw-p 0003f000 08:05 514885 /usr/lib/libmysqlclient.so.14.0.0
00bc8000-00bca000 rw-p 00bc8000 00:00 0
00c37000-00c54000 r-xp 00000000 08:05 519168 /usr/lib/libjpeg.so.62.0.0
00c54000-00c55000 rw-p 0001c000 08:05 519168 /usr/lib/libjpeg.so.62.0.0
00c57000-00c60000 r-xp 00000000 08:05 5049255 /lib/libgcc_s-3.4.6-20060404.so.1
00c60000-00c61000 rw-p 00009000 08:05 5049255 /lib/libgcc_s-3.4.6-20060404.so.1
00ca6000-00d66000 r-xp 00000000 08:05 512583 /usr/lib/libstdc++.so.6.0.3
00d66000-00d6b000 rw-p 000bf000 08:05 512583 /usr/lib/libstdc++.so.6.0.3
00d6b000-00d71000 rw-p 00d6b000 00:00 0
00dd1000-00eb2000 r-xp 00000000 08:05 754753 /usr/local/Zend/lib/Optimizer-3.2.2/php-4.4.x/ZendOptimizer.so
00eb2000-00ebf000 rw-p 000e1000 08:05 754753 /usr/local/Zend/lib/Optimizer-3.2.2/php-4.4.x/ZendOptimizer.so
00ebf000-00ec3000 rw-p 00ebf000 00:00 0
00fad000-00fb6000 r-xp 00000000 08:05 5046340 /lib/libnss_files-2.3.4.so
00fb6000-00fb7000 r--p 00008000 08:05 5046340 /lib/libnss_files-2.3.4.so
00fb7000-00fb8000 rw-p 00009000 08:05 5046340 /lib/libnss_files-2.3.4.so
08048000-08186000 r-xp 00000000 08:05 521986 /usr/local/bin/php
08186000-081b6000 rw-p 0013e000 08:05 521986 /usr/local/bin/php
081b6000-081cf000 rw-p 081b6000 00:00 0 09263000-09346000 rw-p 09263000 00:00 0 b7e9e000-b7eb6000 rw-p b7e9e000 00:00 0 b7edb000-b7edd000 rw-p b7edb000 00:00 0
b7edd000-b7f5d000 rw-s 00000000 00:06 9961484 /SYSV00000000 (deleted)
b7f5d000-b7f62000 rw-p b7f5d000 00:00 0 bff82000-bff98000 rwxp bff82000 00:00 0 bff98000-c0000000 rw-p bff98000 00:00 0 ffffe000-fffff000 ---p 00000000 00:00 0
thanks
Peter