Mailinglist Archive: opensuse-security (520 mails)
| < Previous | Next > |
Re: [suse-security] /var/log/messages
- From: Nix <suse@xxxxxxxxxxxxxxx>
- Date: Tue, 12 Dec 2000 20:38:56 +1100
- Message-id: <5.0.1.4.0.20001212172016.044fecb8@xxxxxxxxxxxxxxxxxxxx>
EEEKKKKKK
You should at LEAST have something like this:
Dec 12 10:34:55 dante -- MARK --
Dec 12 10:39:11 dante sshd[5547]: Accepted password for petern from 10.1.0.178 port 1036
Dec 12 10:40:03 dante su: (to root) nix on /dev/pts/0
Dec 12 10:40:03 dante PAM-unix2[5559]: session started for user root, service su
Dec 12 10:44:55 dante -- MARK --
try looking at your processes.... should look like this
# ps afx |grep syslogd
80 ? S 0:00 /usr/sbin/syslogd -r -m 5
6117 pts/0 S 0:00 \_ grep syslogd
dante:~ #
Either syslogd is not running, or you have been backdoored...
Nix
At 01:04 AM 12/12/2000 -0500, you wrote:
You should at LEAST have something like this:
Dec 12 10:34:55 dante -- MARK --
Dec 12 10:39:11 dante sshd[5547]: Accepted password for petern from 10.1.0.178 port 1036
Dec 12 10:40:03 dante su: (to root) nix on /dev/pts/0
Dec 12 10:40:03 dante PAM-unix2[5559]: session started for user root, service su
Dec 12 10:44:55 dante -- MARK --
try looking at your processes.... should look like this
# ps afx |grep syslogd
80 ? S 0:00 /usr/sbin/syslogd -r -m 5
6117 pts/0 S 0:00 \_ grep syslogd
dante:~ #
Either syslogd is not running, or you have been backdoored...
Nix
At 01:04 AM 12/12/2000 -0500, you wrote:
Hello,
I have just installed SuSE 7 about a month ago and have not had any messages
recorded to /var/log/messages since Nov 21. Is this a sign of a healthy system
or could there be a problem?
Thanks in advance,
Mike
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx
| < Previous | Next > |