Hi, tomorrow morning logwatch send me this in a email: http://paste.debian.net/16228/ is this opcode, could it be an exploit? The whole thing (without real loglines) I testet with "file", it tells me: data what do you think? Gruß, Björn PS: sambaversion: 3.0.24 and he is not reachable through the i-net