Log check reports - what's going on?

• Previous message: Clive Menzies: "Re: Help Installing / Upgrading Cron"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: debian-user@lists.debian.org
Date: Fri, 30 Jul 2004 02:06:12 +1000

Here is an excerpt from the head of my hourly log check report.
It usually just flags the odd authentication failure, quite often my own
mis-spelling of a password or failure to access cdrom etc.

But now I'm getting heaps of the following messages every hour.

What next please?

Bob Parker

This mail is sent by logcheck. If you do not want to receive it any more,
please modify the configuration files in /etc/logcheck or deinstall logcheck.

Possible Security Violations
=-=-=-=-=-=-=-=-=-=
Jul 29 18:53:47 debian inetd[20208]: execv /usr/sbin/tcpd: Permission denied
Jul 29 18:53:48 debian inetd[20209]: execv /usr/sbin/tcpd: Permission denied
Jul 29 18:53:52 debian inetd[20210]: execv /usr/sbin/tcpd: Permission denied

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Jul 29 18:02:11 debian pppd[19124]: rcvd [LCP EchoReq id=0x27
magic=0xf37beb2b cb c2 38 96]
Jul 29 18:02:11 debian pppd[19124]: sent [LCP EchoRep id=0x27
magic=0x2cff1c87 cb c2 38 96]
Jul 29 18:02:21 debian pppd[19124]: rcvd [LCP EchoReq id=0x28
magic=0xf37beb2b cb c2 38 96]
Jul 29 18:02:21 debian pppd[19124]: sent [LCP EchoRep id=0x28
magic=0x2cff1c87 cb c2 38 96]
Jul 29 18:02:29 debian pppd[19124]: sent [LCP EchoReq id=0x1b
magic=0x2cff1c87]
Jul 29 18:02:29 debian pppd[19124]: rcvd [LCP EchoRep id=0x1b
magic=0xf37beb2b]
Jul 29 18:02:31 debian pppd[19124]: rcvd [LCP EchoReq id=0x29
magic=0xf37beb2b cb c2 38 96]
Jul 29 18:02:31 debian pppd[19124]: sent [LCP EchoRep id=0x29
magic=0x2cff1c87 cb c2 38 96]

-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

• Previous message: Clive Menzies: "Re: Help Installing / Upgrading Cron"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]