Date: Fri, 8 Sep 2000 22:38:40 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: "Ryugen C. Fisher" <Ryugen@palaver.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: strange security message Message-ID: <20000908223840.P69158@149.211.6.64.reflexcom.com> In-Reply-To: <4.3.2.7.2.20000908063552.00acbd10@mail.bfm.org>; from Ryugen@palaver.org on Fri, Sep 08, 2000 at 06:43:25AM -0500 References: <4.3.2.7.2.20000908063552.00acbd10@mail.bfm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Sep 08, 2000 at 06:43:25AM -0500, Ryugen C. Fisher wrote: > My "security check output" recently began to send me the following: > > chih.bfm.org login failures: > grep: /var/log/messages: No such file or directory > > chih.bfm.org refused connections: > grep: /var/log/messages: No such file or directory > > > I have looked at the syslog.conf file and it seems "normal" ... I have also > not made any changes that would account for this. A look at the /var/log > directory shows that there is NOT a /var/log/messages file, but I don't > know why it does not exist... To get things started again, # touch /var/log/messages # kill -HUP `cat /var/run/syslog.pid` > I suspect that I have a 'stowaway' but can't be certain at this > point... if I have an intruder, he (or she) knows more about FreeBSD than > I do. It does sound like a break in is a possibility. What does this system do? Maybe it is a good excuse to wipe clean and do a binary upgrade to 4.1. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000908223840.P69158>