MacBook Pro hacked by Folx(?)

Discussion in 'macOS' started by frogman5, Apr 14, 2012.

  1. frogman5, Apr 14, 2012
    Last edited: Apr 14, 2012

    frogman5 macrumors newbie

    Joined:
    Apr 14, 2012
    #1
    Found multiple entries in log that appear/read as just "suspicious;" Yes, I use FOLX. Maybe not the brightest of activities, I agree, but the thought of good free documents proved too tempting.
    The following are only a few of the weirdest ones. I wish I knew more but I am not certain how to go about finding and then sifting through the infinite minutiae of it all.


    "4/14/12 8:49:47 AM Firewall[67] GoogleTalkPlugin is listening from 127.0.0.1:53302 proto=6

    4/12/12 7:03:05 AM Firewall[68] krb5kdc is listening from 0.0.0.0:88 proto=6

    4/13/12 7:21:56 AM Firewall[68] cupsd is listening from 0.0.0.0:631 proto=6

    4/12/12 3:27:19 PM ntpd[34] time reset -0.657606 s

    4/12/12 9:27:53 PM Firewall[71] Deny configd data in from 192.168.1.1:67 to port 68 proto=17

    4/12/12 9:55:19 PM loginwindow[48] in pam_sm_authenticate(): Failed to determine Kerberos principal name."


    Became a bit paranoid when I booted and saw the time changed and date set back to 2000.
    Are ANY of these at all suspect? Not at all able to decipher this stuff, where can I read about the codes I am seeing without bothering everyone here?

    Thanks!
     
  2. Ccrew macrumors 68020

    Joined:
    Feb 28, 2011
    #2
    Nothing I see there out of line. three services allowed to talk by the firewall are the first three lines. 4th line is a time reset based on an NTP request. last two are failed authentications for a configuration update (looks like you may have uPnP turned on on your router?) and the machine unable to verify a kerberos ticked which is simply a SPN error (Service Principal Name)

    All in all pretty benign, and certainly nothing to panic over.
     

Share This Page