Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894 wrote in their message (sent Thursday, 25 October 2007 18:51):

> Found an error or two from my logwatch report from yesterday,
> thought I would share this in hopes this is just first time
> run of the problem I noticed in the Kernel report section...
>
> Also not sure why there's an issue with automount either....
> but I guess I could ask on that issue as well.
>
> I am not worried about the NAMED error, this is something that
> happens due to one of the services that is installed on the box,
> as it is HAM RADIO related only.
>
> Any feedback? I will be looking for it...
>
> some items will be X'ed for protection reasons.
>
> EFM
>
> -----Original Message-----
> From: logwatch at XXXXXX
> Sent: Thursday, October 25, 2007 4:02 AM
> To: root at XXXXXXXXX
> Subject: Logwatch for XXXXXXX.org (Linux)
>
>
> ################### Logwatch 7.3 (03/24/06) ####################
>         Processing Initiated: Thu Oct 25 04:02:02 2007
>         Date Range Processed: yesterday
>                               ( 2007-Oct-24 )
>                               Period is day.
>       Detail Level of Output: 0
>               Type of Output: unformatted
>            Logfiles for Host: XXXXXXXXXXXX.kd4efm.org
> ##################################################################
>
> --------------------- Selinux Audit Begin ------------------------
>
> Number of audit daemon stops: 1
>
> **Unmatched Entries**
> audit(1193230471.737:2): selinux=0 auid=4294967295
>
> ---------------------- Selinux Audit End -------------------------
>
>
> --------------------- Automount Begin ------------------------
>
>
> **Unmatched Entries**
> lookup_read_master: lookup(nisplus): couldn't locat nis+ table
> auto.master: 1 Time(s)
>
> ---------------------- Automount End -------------------------
>
>
> --------------------- Kernel Begin ------------------------
>
>
> WARNING: Kernel Errors Present
> end_request: I/O error, dev fd0, sector ...: 2 Time(s)
>
> ---------------------- Kernel End -------------------------

I get a quite similar error with my cdplayer/burner, but found nothing dramatic when I looked? The kernel is the latest vanilla. You are lucky to get such a small logwatch report.... Mine is:

################### Logwatch 7.3 (03/24/06) ####################
        Processing Initiated: Fri Oct 26 04:02:03 2007
        Date Range Processed: yesterday
                              ( 2007-Oct-25 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: oh1mrr.ampr.org
##################################################################

--------------------- httpd Begin ------------------------

Requests with error response codes
   400 Bad Request
      /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
   404 Not Found
      /lamentable-amidships.gif: 3 Time(s)
      /phpmyadmin/index.php: 1 Time(s)
      /tiny_mce/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/cmsimple/editor_plugin.js: 1 Time(s)
      /tiny_mce/plugins/emotions/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/insertdatetime/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/paste/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/preview/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/print/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/save/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/searchreplace/langs/fi.js: 1 Time(s)
      /tiny_mce/plugins/table/langs/fi.js: 1 Time(s)
      /tiny_mce/themes/advanced/images/{$lang_bold_img}: 1 Time(s)
      /tiny_mce/themes/advanced/images/{$lang_italic_img}: 1 Time(s)
      /tiny_mce/themes/advanced/images/{$lang_underline_img}: 1 Time(s)
      /tiny_mce/themes/advanced/langs/fi.js: 1 Time(s)
      http://218.10.111.119/lbc.php: 14 Time(s)
      http://mail2.663.com.cn/include/prx.php?p= ... DF91E9AD57733E3: 15 Time(s)

---------------------- httpd End -------------------------

--------------------- iptables firewall Begin ------------------------

Logged 948 packets on interface eth1

---------------------- iptables firewall End -------------------------

--------------------- pam_unix Begin ------------------------

sshd:
   Authentication Failures:
      unknown (212.102.0.124): 7 Time(s)
      root (200.21.94.116): 3 Time(s)
      root (212.102.0.124): 2 Time(s)
      root (218.85.133.13): 2 Time(s)
   Invalid Users:
      Unknown Account: 7 Time(s)

---------------------- pam_unix End -------------------------

--------------------- SSHD Begin ------------------------

Failed logins from:
   200.21.94.116: 3 times
   212.102.0.124 (shabnet0-124.shabakah.net): 2 times
   218.85.133.13: 2 times

Illegal users from:
   212.102.0.124 (shabnet0-124.shabakah.net): 7 times

Received disconnect:
   11: Bye Bye : 13 Time(s)

Refused incoming connections:
   ::ffff:212.102.0.124 (::ffff:212.102.0.124): 1 Time(s)

**Unmatched Entries**
pam_succeed_if(sshd:auth): error retrieving information about user admin : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user stephanie : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user william : 1 time(s)
reverse mapping checking getaddrinfo for shabnet0-124.shabakah.net failed - POSSIBLE BREAK-IN ATTEMPT! : 9 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user aaron : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user gt05 : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user trash : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user stud : 1 time(s)

---------------------- SSHD End -------------------------

--------------------- XNTPD Begin ------------------------

Time Reset 9 times (total: 44.691858 s average: 4.965762 s)
Total synchronizations 184 (hosts: 3)

---------------------- XNTPD End -------------------------

--------------------- yum Begin ------------------------

Packages Installed:
   kernel.i686 2.6.18-8.1.15.el5

Packages Updated:
   xfsprogs-devel.i386 2.9.4-1.el5.centos
   openssl.i686 0.9.8b-8.3.el5_0.2
   xfsdump.i386 2.2.46-1.el5.centos
   lirc.i386 0.8.1-1.el5.af
   kernel-headers.i386 2.6.18-8.1.15.el5
   xfsprogs.i386 2.9.4-1.el5.centos

---------------------- yum End -------------------------

--------------------- Disk Space Begin ------------------------

Filesystem   Size  Used  Avail  Use%  Mounted on
/dev/hda5     36G  8.1G    26G   24%  /
/dev/hdb1     37G  3.3G    32G   10%  /home
/dev/hdc1    150G   33G   117G   22%  /mrr

---------------------- Disk Space End -------------------------