From: Murat Barış ÜNAL (mbunal@bugsbilgisayar.com)
Date: Sat 19 Jun 2004 - 09:29:07 EEST
Merhaba
Bu logwatch rh9 varmiydi blmiyorum ama karsima hic cikmamisti. Fc1 ve 2
de
herhalde varsayilan olarak kuruluyor. Fc kurarken paketini sectigimi
hatirlamiyorum ama kurdugum sistemlerde hep vardi.
Herkese kolay gele
-----Original Message-----
From: linux-network-bounce@liste.linux.org.tr
[mailto:linux-network-bounce@liste.linux.org.tr] On Behalf Of Genco
YILMAZ
Sent: Friday, June 18, 2004 9:33 PM
To: linux-network@liste.linux.org.tr
Subject: [linux-network] Re: garip bişey oldu
selam,
sistemi yeni kurmadiysaniz daha oncede gormus olmaliydiniz.
root kullanicisina bazi raporlama islevini yurutuyor LogWatch.
ssh,ftp baglantilari , disk kullanim raporunuda gondermis ornegin.
/etc/cron.daily de duruyor olsa gerek (kirmizi takke kullaniyorsunuz
galiba
:). Calistirmak istemiyorsaniz silebilirsiniz.
kolay gelsin.
> konsolda çalışırken ekrana
> You have new mail in /var/spool/mail/root şeklinde bir uyarı
> geldi.dosyayının içeriği şöyle
>
> From root@localhost.localdomain Wed Jun 16 00:23:47
> 2004
> Return-Path: <root@localhost.localdomain>
> Received: from localhost.localdomain
> (localhost.localdomain [127.0.0.1])
> by localhost.localdomain (8.12.10/8.12.10) with ESMTP id
> i5FLNlUR002644
> for <root@localhost.localdomain>; Wed, 16 Jun
> 2004 00:23:47 +0300
> Received: (from root@localhost)
> by localhost.localdomain
> (8.12.10/8.12.10/Submit) id i5FLNl9f002641
> for root; Wed, 16 Jun 2004 00:23:47 +0300
> Date: Wed, 16 Jun 2004 00:23:47 +0300
> From: root <root@localhost.localdomain>
> Message-Id:
> <200406152123.i5FLNl9f002641@localhost.localdomain>
> To: root@localhost.localdomain
> Subject: LogWatch for localhost.localdomain
>
>
> ################### LogWatch 4.3.2 (02/18/03) ####################
> Processing Initiated: Wed Jun 16 00:23:46 2004
> Date Range Processed: yesterday
> Detail Level of Output: 0
> Logfiles for Host: localhost.localdomain
>
> ################################################################
>
> --------------------- Init Begin
> ------------------------
>
> **Unmatched Entries**
> open(/dev/pts/0): No such file or directory
>
> ---------------------- Init End
> -------------------------
>
>
> --------------------- ModProbe Begin
> ------------------------
>
>
> Can't locate these modules:
> char-major-10-134: 3 Time(s)
> sound-service-1-0: 4 Time(s)
> char-major-188: 1 Time(s)
> sound-slot-1: 4 Time(s)
> sound-service-0-0: 1 Time(s)
>
> ---------------------- ModProbe End
> -------------------------
>
>
> --------------------- Connections (secure-log) Begin
> ------------------------
>
>
> **Unmatched Entries**
> xinetd[938]: START: sgi_fam pid=1264 from=<no address>
> userhelper[1638]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[1639]: running
> '/usr/share/redhat-config-xfree86/redhat-config-xfree86'
> with root privileges on behalf of 'root'
> userhelper[1648]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[1649]: running '/usr/sbin/gdmsetup' with root privileges on
> behalf of 'root'
> userhelper[1873]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[1874]: running
> '/usr/share/redhat-config-users/redhat-config-users'
> with root privileges on behalf of 'root'
> userhelper[1921]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[1922]: running
> '/usr/sbin/redhat-install-packages
> /root/Desktop/x3270-x11-3.2.20-4.2.i386.rpm' with root privileges on
> behalf of 'root'
> userhelper[1935]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[1936]: running
> '/usr/sbin/redhat-install-packages
> /root/Desktop/x3270-x11-3.2.20-4.2.i386.rpm' with root privileges on
> behalf of 'root'
>
> ---------------------- Connections (secure-log) End
> -------------------------
>
>
> --------------------- Smartd Begin
> ------------------------
>
>
> /dev/hda :
> 1 Time(s): is SMART capable. Adding to "monitor"
> list.
> 1 Time(s): not found in smartd database.
> 1 Time(s): opened
>
> ---------------------- Smartd End
> -------------------------
>
>
> --------------------- SSHD Begin
> ------------------------
>
>
> SSHD Started: 1 Time(s)
>
> **Unmatched Entries**
> RSA1 key generation succeeded
> RSA key generation succeeded
> DSA key generation succeeded
>
> ---------------------- SSHD End
> -------------------------
>
>
>
> ------------------ Disk Space --------------------
>
> Filesystem Size Used Avail Use% Mounted on
> /dev/hda9 3.9G 235M 3.5G 7% /
> none 251M 0 251M 0% /dev/shm
> /dev/hda8 7.5G 2.5G 4.6G 35% /usr
> /dev/cdrom 616M 616M 0 100% /mnt/cdrom
>
>
> ###################### LogWatch End
> #########################
>
> From root@localhost.localdomain Thu Jun 17 19:01:43
> 2004
> Return-Path: <root@localhost.localdomain>
> Received: from localhost.localdomain
> (localhost.localdomain [127.0.0.1])
> by localhost.localdomain (8.12.10/8.12.10) with ESMTP id
> i5HG1gvB005867
> for <root@localhost.localdomain>; Thu, 17 Jun
> 2004 19:01:42 +0300
> Received: (from root@localhost)
> by localhost.localdomain
> (8.12.10/8.12.10/Submit) id i5HG1g9s005864
> for root; Thu, 17 Jun 2004 19:01:42 +0300
> Date: Thu, 17 Jun 2004 19:01:42 +0300
> From: root <root@localhost.localdomain>
> Message-Id:
> <200406171601.i5HG1g9s005864@localhost.localdomain>
> To: root@localhost.localdomain
> Subject: LogWatch for localhost.localdomain
>
>
> ################### LogWatch 4.3.2 (02/18/03) ####################
> Processing Initiated: Thu Jun 17 19:01:31 2004
> Date Range Processed: yesterday
> Detail Level of Output: 0
> Logfiles for Host: localhost.localdomain
>
> ################################################################
>
> --------------------- Init Begin
> ------------------------
>
> **Unmatched Entries**
> Trying to re-exec init
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
>
> ---------------------- Init End
> -------------------------
>
>
> --------------------- ModProbe Begin
> ------------------------
>
>
> Can't locate these modules:
> sound-service-1-0: 16 Time(s)
> char-major-188: 4 Time(s)
> sound-service-0-0: 4 Time(s)
> sound-slot-1: 16 Time(s)
> char-major-10-134: 7 Time(s)
>
> ---------------------- ModProbe End
> -------------------------
>
>
> --------------------- pam_unix Begin
> ------------------------
>
> gdm:
> Unknown Entries:
> authentication failure; logname= uid=0 euid=0 tty=:0
ruser=
> rhost= : 1 Time(s)
> check pass; user unknown: 1 Time(s)
>
>
> ---------------------- pam_unix End
> -------------------------
>
>
> --------------------- Connections (secure-log) Begin
> ------------------------
>
>
> **Unmatched Entries**
> xinetd[938]: START: sgi_fam pid=2276 from=<no address>
> userhelper[3002]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[3003]: running
> '/usr/sbin/redhat-install-packages
> /rpms/amsn-0.90-1.i386.rpm' with root privileges on behalf of 'root'
> userhelper[6212]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[6213]: running '/usr/sbin/up2date' with root privileges on
> behalf of 'root'
>
> ---------------------- Connections (secure-log) End
> -------------------------
>
>
> --------------------- Smartd Begin
> ------------------------
>
>
> /dev/hda :
> 4 Time(s): is SMART capable. Adding to "monitor"
> list.
> 4 Time(s): not found in smartd database.
> 4 Time(s): opened
>
> ---------------------- Smartd End
> -------------------------
>
>
> --------------------- SSHD Begin
> ------------------------
>
>
> SSHD Killed: 5 Time(s)
>
> SSHD Started: 4 Time(s)
>
> Users logging in through sshd:
> root logged in from 10.0.0.6 using password: 1
> Time(s)
> root logged in from localhost.localdomain
> (127.0.0.1) using password: 1 Time(s)
>
> ---------------------- SSHD End
> -------------------------
>
>
>
> ------------------ Disk Space --------------------
>
> Filesystem Size Used Avail Use% Mounted on
> /dev/hda9 3.9G 250M 3.5G 7% /
> none 251M 0 251M 0% /dev/shm
> /dev/hda8 7.5G 2.5G 4.6G 36% /usr
> /dev/hda6 9.8G 7.9G 1.9G 81% /mnt/win_e
>
>
> ###################### LogWatch End
> #########################
>
> From root@localhost.localdomain Fri Jun 18 18:16:59
> 2004
> Return-Path: <root@localhost.localdomain>
> Received: from localhost.localdomain
> (localhost.localdomain [127.0.0.1])
> by localhost.localdomain (8.12.10/8.12.10) with ESMTP id
> i5IFGxXZ006037
> for <root@localhost.localdomain>; Fri, 18 Jun
> 2004 18:16:59 +0300
> Received: (from root@localhost)
> by localhost.localdomain
> (8.12.10/8.12.10/Submit) id i5IFGxbq006034
> for root; Fri, 18 Jun 2004 18:16:59 +0300
> Date: Fri, 18 Jun 2004 18:16:59 +0300
> From: root <root@localhost.localdomain>
> Message-Id:
> <200406181516.i5IFGxbq006034@localhost.localdomain>
> To: root@localhost.localdomain
> Subject: LogWatch for localhost.localdomain
>
>
> ################### LogWatch 4.3.2 (02/18/03) ####################
> Processing Initiated: Fri Jun 18 18:16:58 2004
> Date Range Processed: yesterday
> Detail Level of Output: 0
> Logfiles for Host: localhost.localdomain
>
> ################################################################
>
> --------------------- Init Begin
> ------------------------
>
> **Unmatched Entries**
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
> open(/dev/pts/0): No such file or directory
>
> ---------------------- Init End
> -------------------------
>
>
> --------------------- ModProbe Begin
> ------------------------
>
>
> Can't locate these modules:
> char-major-10-134: 7 Time(s)
> char-major-188: 6 Time(s)
> sound-service-1-0: 20 Time(s)
> sound-slot-1: 20 Time(s)
> sound-service-0-0: 5 Time(s)
>
> ---------------------- ModProbe End
> -------------------------
>
>
> --------------------- Connections (secure-log) Begin
> ------------------------
>
>
> **Unmatched Entries**
> userhelper[5040]: running '/sbin/poweroff' with root privileges on
> behalf of 'root'
> userhelper[5042]: running '/sbin/reboot' with root privileges on
> behalf of 'root'
> userhelper[5471]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[5472]: running
> '/usr/sbin/redhat-install-packages
> /rpms/xmms-1.2.10-1.src.rpm' with root privileges on behalf of 'root'
> userhelper[5479]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[5480]: running
> '/usr/sbin/redhat-install-packages
> /rpms/xmms-1.2.10-1.src.rpm' with root privileges on behalf of 'root'
> userhelper[5567]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[5568]: running
> '/usr/sbin/redhat-install-packages
> /rpms/xmms-1.2.10-1.i386.rpm' with root privileges on behalf of 'root'
> userhelper[5580]: pam_timestamp: updated timestamp file
> `/var/run/sudo/root/unknown'
> userhelper[5581]: running
> '/usr/sbin/redhat-install-packages
> /rpms/xmms-esd-1.2.10-1.i386.rpm' with root privileges on behalf of
> 'root'
>
> ---------------------- Connections (secure-log) End
> -------------------------
>
>
> --------------------- Smartd Begin
> ------------------------
>
>
> /dev/hda :
> 6 Time(s): is SMART capable. Adding to "monitor"
> list.
> 6 Time(s): not found in smartd database.
> 6 Time(s): opened
>
> ---------------------- Smartd End
> -------------------------
>
>
> --------------------- SSHD Begin
> ------------------------
>
>
> SSHD Killed: 6 Time(s)
>
> SSHD Started: 6 Time(s)
>
> ---------------------- SSHD End
> -------------------------
>
>
>
> ------------------ Disk Space --------------------
>
> Filesystem Size Used Avail Use% Mounted on
> /dev/hda9 3.9G 414M 3.3G 12% /
> none 251M 0 251M 0% /dev/shm
> /dev/hda8 7.5G 2.5G 4.6G 36% /usr
> /dev/hda6 9.8G 7.9G 1.9G 81% /mnt/win_e
>
>
> ###################### LogWatch End
> #########################
>
>
> başıma ilk defa geldi.bu nedir?bilen var mı?
>
>
>
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail
>
>