Am I being spied on, or what is all this?
Hi everyone... on my Woody I'm getting a lot of logs, and every so often
(with a time I don't recognize, since the clock is running behind and I
still haven't found a way to set the time right :( ) I get mails from Snoopy
(according to the description it is a tcpwrapper and a logger) with logs
like the one I'm sending below, to see if someone can tell me what it is,
whether I have a program that monitors everything and works to later send
data to someone, or who knows what... the thing is that all of this happens
without a connection, since I'm not connecting to the internet with Debian,
and these logs keep showing up. It seems to me that someone left something
planted on my machine, but I no longer know what to think about all this. So
if anyone can tell me what all this is, it would really help me a lot. I
should just mention that this is only part of the log, because it is huge
and it would be silly to send the whole thing, since everything I sent here
repeats all the time. All of this happens before I log in as root; I left
that root login at the end to mark the boundary somehow, so you can see
everything that happens before I log in, although after I log in it all
keeps going and going. Regards to all, and sorry for being such a pain with
this whole subject... good luck and thanks.
This mail is sent by logcheck. If you do not want to receive it any more,
please modify the configuration files in /etc/logcheck or deinstall
logcheck.
Possible Security Violations
=-=-=-=-=-=-=-=-=-=
Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat
/var/log/debug
Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Aug 28 15:58:04 druida snoopy[430]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[434]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat
/var/log/debug
Aug 28 15:58:04 druida snoopy[437]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[439]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[440]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[444]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[446]: [(null), uid:0 sid:359]: cat
/var/log/mail.err
Aug 28 15:58:04 druida snoopy[447]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[449]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[450]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[451]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.err /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[454]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[456]: [(null), uid:0 sid:359]: cat
/var/log/mail.info
Aug 28 15:58:04 druida snoopy[457]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[459]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[460]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[461]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.info /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[464]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[466]: [(null), uid:0 sid:359]: cat
/var/log/kern.log
Aug 28 15:58:04 druida snoopy[467]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[469]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[470]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[471]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/kern.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[474]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[476]: [(null), uid:0 sid:359]: cat
/var/log/mail.warn
Aug 28 15:58:05 druida snoopy[477]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[479]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[480]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[481]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.warn /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[484]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[486]: [(null), uid:0 sid:359]: cat
/var/log/uucp.log
Aug 28 15:58:05 druida snoopy[487]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[489]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[490]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[491]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/uucp.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[494]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[496]: [(null), uid:0 sid:359]: cat
/var/log/user.log
Aug 28 15:58:05 druida snoopy[497]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[499]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[500]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[501]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/user.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[502]: [(null), uid:0 sid:359]: sort -k 1,3 -s
/var/tmp/logcheck/check.360
Aug 28 15:58:05 druida snoopy[503]: [(null), uid:0 sid:359]: uniq
Aug 28 15:58:05 druida snoopy[504]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/check-sorted.
Aug 28 15:58:05 druida snoopy[506]: [(null), uid:0 sid:359]: ls
/etc/logcheck/cracking.d/
Aug 28 15:58:05 druida snoopy[507]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:05 druida snoopy[509]: [(null), uid:0 sid:359]: ls
/etc/logcheck/violations.d/
Aug 28 15:58:05 druida snoopy[510]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:05 druida snoopy[512]: [(null), uid:0 sid:359]: ls
/etc/logcheck/violations.ignore
Aug 28 15:58:05 druida snoopy[513]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:06 druida snoopy[515]: [(null), uid:0 sid:359]: ls
/etc/logcheck/ignore.d/
Aug 28 15:58:06 druida snoopy[516]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:06 druida snoopy[517]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.cracking
Aug 28 15:58:06 druida snoopy[518]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[519]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[520]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.cracking
Aug 28 15:58:06 druida snoopy[521]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[522]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[523]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[524]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[525]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[526]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[527]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[528]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[529]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.ignore : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[530]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[531]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[532]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.ignore
Aug 28 15:58:06 druida snoopy[533]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/anacron : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[534]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[535]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[536]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/anacron
Aug 28 15:58:06 druida snoopy[537]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/automoun
Aug 28 15:58:06 druida snoopy[538]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[539]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[540]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/automoun
Aug 28 15:58:06 druida snoopy[541]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/bind : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[542]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[543]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[544]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/bind
Aug 28 15:58:07 druida snoopy[545]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/cron : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[546]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[547]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[548]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/cron
Aug 28 15:58:07 druida snoopy[549]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/dhcp : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[550]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[551]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[552]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/dhcp
Aug 28 15:58:07 druida snoopy[553]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/exim : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[554]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[555]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[556]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/exim
Aug 28 15:58:07 druida snoopy[557]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/fetchmai
Aug 28 15:58:07 druida snoopy[558]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[559]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[560]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/fetchmai
Aug 28 15:58:07 druida snoopy[561]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/gnome-bi
Aug 28 15:58:07 druida snoopy[562]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[563]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[564]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/gnome-bi
Aug 28 15:58:07 druida snoopy[565]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/imap : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[566]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[567]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[568]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/imap
Aug 28 15:58:07 druida snoopy[569]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/imp : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[570]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[571]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[572]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/imp
Aug 28 15:58:07 druida snoopy[573]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ipppd : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[574]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[575]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[576]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ipppd
Aug 28 15:58:07 druida snoopy[577]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/isdnlog : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[578]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[579]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[580]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/isdnlog
Aug 28 15:58:08 druida snoopy[581]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/isdnutil
Aug 28 15:58:08 druida snoopy[582]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[583]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[584]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/isdnutil
Aug 28 15:58:08 druida snoopy[585]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/mysql-se
Aug 28 15:58:08 druida snoopy[586]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[587]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[588]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/mysql-se
Aug 28 15:58:08 druida snoopy[589]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/net-acct
Aug 28 15:58:08 druida snoopy[590]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[591]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[592]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/net-acct
Aug 28 15:58:08 druida snoopy[593]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/oidentd : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[594]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[595]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[596]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/oidentd
Aug 28 15:58:08 druida snoopy[597]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/portsent
Aug 28 15:58:08 druida snoopy[598]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[599]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[600]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/portsent
Aug 28 15:58:08 druida snoopy[601]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/postfix : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[602]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[603]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[604]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/postfix
Aug 28 15:58:08 druida snoopy[605]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ppp : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[606]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[607]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[608]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ppp
Aug 28 15:58:08 druida snoopy[609]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/proftpd : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[610]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[611]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[612]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/proftpd
Aug 28 15:58:09 druida snoopy[613]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/pump : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[614]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[615]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[616]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/pump
Aug 28 15:58:09 druida snoopy[617]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/qmail : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[618]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[619]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[620]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/qmail
Aug 28 15:58:09 druida snoopy[621]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/qpopper : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[622]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[623]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[624]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/qpopper
Aug 28 15:58:09 druida snoopy[625]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/samba : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[626]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[627]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[628]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/samba
Aug 28 15:58:09 druida snoopy[629]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/squid : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[630]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[631]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[632]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/squid
Aug 28 15:58:09 druida snoopy[633]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ssh : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[634]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[635]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[636]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ssh
Aug 28 15:58:09 druida snoopy[637]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/stunnel : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[638]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[639]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[640]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/stunnel
Aug 28 15:58:09 druida snoopy[641]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/sysklogd
Aug 28 15:58:09 druida snoopy[642]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[643]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[644]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/sysklogd
Aug 28 15:58:10 druida snoopy[645]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/telnetd : /etc/logcheck/\(.*\)
Aug 28 15:58:10 druida snoopy[646]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[647]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[648]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/telnetd
Aug 28 15:58:10 druida snoopy[649]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/uptimed : /etc/logcheck/\(.*\)
Aug 28 15:58:10 druida snoopy[650]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[651]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[652]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/uptimed
Aug 28 15:58:10 druida snoopy[653]: [(null), uid:0 sid:359]: egrep -i -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[654]: [(null), uid:0 sid:359]: egrep -i -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[655]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[656]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkoutput.3
Aug 28 15:58:10 druida snoopy[657]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[660]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:10 druida snoopy[659]: [(null), uid:0 sid:359]: ls
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[661]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[662]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[663]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[664]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[665]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[666]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[667]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[668]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[669]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[670]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[671]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[672]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[673]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[674]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[675]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[676]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[677]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[678]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[679]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[680]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[681]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[682]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[683]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[684]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[685]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[686]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[687]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[688]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[689]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[690]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[691]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[692]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[693]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[694]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[695]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[696]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[697]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[698]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[699]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[700]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[701]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[702]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[703]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[704]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[705]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[706]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[707]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[708]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[709]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[710]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[711]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[712]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[713]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[714]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[715]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[716]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[717]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[718]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[719]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[720]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t
Aug 28 15:58:13 druida snoopy[721]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkoutput.3
Aug 28 15:58:13 druida snoopy[722]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkreport.3
Aug 28 15:58:13 druida snoopy[723]: [(null), uid:0 sid:359]: mail -s
druida.dw 2002/08/28 15:58 syst
Aug 28 15:58:13 druida snoopy[724]: [(null), uid:0 sid:359]: send-mail -i --
root
Aug 28 15:58:13 druida snoopy[725]: [(null), uid:0 sid:359]: rm -f
/var/tmp/logcheck/check.360 /var/tmp/logcheck/check-sorted.
Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]:
/usr/sbin/exim -Mc 17k817-0000Bg-00
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
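
One way to triage a report like the one above, as an added example that is not part of the original post: the Python below rejoins the snoopy entries that the mailer wrapped onto two lines, then groups the executed commands by session id so that one job's activity can be read as a unit. The function names are this example's own, the sample lines are copied from the log above, and the first bracketed field (`(null)` here) is carried through without interpretation.

```python
import os
import re
from collections import Counter

# Lines copied from the log in the post, including the mailer's line wrapping.
SAMPLE = r"""Aug 28 15:58:04 druida snoopy[430]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat
/var/log/debug
Aug 28 15:58:06 druida snoopy[520]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.cracking
Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]:
/usr/sbin/exim -Mc 17k817-0000Bg-00
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
"""

STAMP = r"[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d"
# A new syslog record starts with "Mon DD HH:MM:SS host "; anything else is
# the wrapped tail of the previous record.
RECORD_START = re.compile("^" + STAMP + r" \S+ ")
SNOOPY = re.compile(
    "^(?P<ts>" + STAMP + r") (?P<host>\S+) snoopy\[(?P<pid>\d+)\]: "
    r"\[(?P<field1>[^,]*), uid:(?P<uid>\d+) sid:(?P<sid>\d+)\]:\s*(?P<cmd>.*)$"
)


def unwrap(text):
    """Rejoin records that were split across lines by the mail wrapping."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def parse(text):
    """Return (snoopy entries as dicts, all other records as strings)."""
    entries, others = [], []
    for rec in unwrap(text):
        m = SNOOPY.match(rec)
        if m:
            entries.append(m.groupdict())
        else:
            others.append(rec)
    return entries, others


def sessions(text):
    """Summarise the snoopy entries per session id (sid)."""
    out = {}
    for e in parse(text)[0]:
        s = out.setdefault(e["sid"], {
            "uids": set(), "programs": Counter(), "count": 0,
            "logcheck_refs": 0, "first": e["ts"], "last": e["ts"],
        })
        argv = e["cmd"].split()
        s["uids"].add(e["uid"])
        s["programs"][os.path.basename(argv[0]) if argv else "?"] += 1
        s["count"] += 1
        # Count commands whose own arguments name logcheck or logtail.
        s["logcheck_refs"] += bool(re.search(r"logcheck|logtail", e["cmd"]))
        s["last"] = e["ts"]
    return out


if __name__ == "__main__":
    for sid, s in sessions(SAMPLE).items():
        print(f"sid {sid}: {s['count']} commands, uids {sorted(s['uids'])}, "
              f"{s['first']} .. {s['last']}")
        print("  programs:", dict(s["programs"]))
        print("  commands naming logcheck/logtail:", s["logcheck_refs"])
    for rec in parse(SAMPLE)[1]:
        print("other:", rec)
```

Run over the full mail body, the per-session summary shows at a glance which entries share a session id and which programs and paths that session touched.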