
Am I being spied on, or what is all this?



Hello everyone... on my Woody I am receiving a lot of logs, and every so often
(with a time I don't recognise, since the clock is behind and I still haven't
found the way to set it correctly :( ) I get mails from Snoopy (according to
the description it is a tcpwrapper and a logger) with logs like the one I am
sending below, to see if anyone can tell me what it is, whether I have a
program that monitors everything I do and works towards sending data to
someone later, or whatever... the thing is that all of this happens without a
connection, since I am not connecting Debian to the internet, and these logs
keep appearing. I get the feeling someone left something planted on my
machine, but I no longer know what to think about all this. So if anyone can
tell me what all this is, it would really help me a lot. I'll just mention
that this is only part of the log, because it is huge and it would be silly to
send it in full, since everything I am sending here repeats every so often.
All of this happens before I log in as root; I left that root login at the end
to mark a boundary of sorts, so that everything that happens before I log in
can be seen, although after I log in it all keeps going and going. Greetings
to all, and sorry for being such a pain with this whole topic... good luck and
thanks.



This mail is sent by logcheck. If you do not want to receive it any more,
please modify the configuration files in /etc/logcheck or deinstall
logcheck.

Possible Security Violations

=-=-=-=-=-=-=-=-=-=

Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat
/var/log/debug

Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo

Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'

Unusual System Events

=-=-=-=-=-=-=-=-=-=-=

Aug 28 15:58:04 druida snoopy[430]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[434]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat
/var/log/debug

Aug 28 15:58:04 druida snoopy[437]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:04 druida snoopy[439]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[440]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[444]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:04 druida snoopy[446]: [(null), uid:0 sid:359]: cat
/var/log/mail.err

Aug 28 15:58:04 druida snoopy[447]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:04 druida snoopy[449]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[450]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:04 druida snoopy[451]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.err /var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[454]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:04 druida snoopy[456]: [(null), uid:0 sid:359]: cat
/var/log/mail.info

Aug 28 15:58:04 druida snoopy[457]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:04 druida snoopy[459]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[460]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:04 druida snoopy[461]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.info /var/lib/logcheck/offset.var.lo

Aug 28 15:58:04 druida snoopy[464]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:04 druida snoopy[466]: [(null), uid:0 sid:359]: cat
/var/log/kern.log

Aug 28 15:58:04 druida snoopy[467]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:05 druida snoopy[469]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[470]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:05 druida snoopy[471]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/kern.log /var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[474]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:05 druida snoopy[476]: [(null), uid:0 sid:359]: cat
/var/log/mail.warn

Aug 28 15:58:05 druida snoopy[477]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:05 druida snoopy[479]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[480]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:05 druida snoopy[481]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/mail.warn /var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[484]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:05 druida snoopy[486]: [(null), uid:0 sid:359]: cat
/var/log/uucp.log

Aug 28 15:58:05 druida snoopy[487]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:05 druida snoopy[489]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[490]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:05 druida snoopy[491]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/uucp.log /var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[494]: [(null), uid:0 sid:359]: tr / .

Aug 28 15:58:05 druida snoopy[496]: [(null), uid:0 sid:359]: cat
/var/log/user.log

Aug 28 15:58:05 druida snoopy[497]: [(null), uid:0 sid:359]: wc -c

Aug 28 15:58:05 druida snoopy[499]: [(null), uid:0 sid:359]: cat
/var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[500]: [(null), uid:0 sid:359]: tail -n 1

Aug 28 15:58:05 druida snoopy[501]: [(null), uid:0 sid:359]:
/usr/sbin/logtail /var/log/user.log /var/lib/logcheck/offset.var.lo

Aug 28 15:58:05 druida snoopy[502]: [(null), uid:0 sid:359]: sort -k 1,3 -s
/var/tmp/logcheck/check.360

Aug 28 15:58:05 druida snoopy[503]: [(null), uid:0 sid:359]: uniq

Aug 28 15:58:05 druida snoopy[504]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/check-sorted.

Aug 28 15:58:05 druida snoopy[506]: [(null), uid:0 sid:359]: ls
/etc/logcheck/cracking.d/

Aug 28 15:58:05 druida snoopy[507]: [(null), uid:0 sid:359]: wc -l

Aug 28 15:58:05 druida snoopy[509]: [(null), uid:0 sid:359]: ls
/etc/logcheck/violations.d/

Aug 28 15:58:05 druida snoopy[510]: [(null), uid:0 sid:359]: wc -l

Aug 28 15:58:05 druida snoopy[512]: [(null), uid:0 sid:359]: ls
/etc/logcheck/violations.ignore

Aug 28 15:58:05 druida snoopy[513]: [(null), uid:0 sid:359]: wc -l

Aug 28 15:58:06 druida snoopy[515]: [(null), uid:0 sid:359]: ls
/etc/logcheck/ignore.d/

Aug 28 15:58:06 druida snoopy[516]: [(null), uid:0 sid:359]: wc -l

Aug 28 15:58:06 druida snoopy[517]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.cracking

Aug 28 15:58:06 druida snoopy[518]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[519]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[520]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.cracking

Aug 28 15:58:06 druida snoopy[521]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.violatio

Aug 28 15:58:06 druida snoopy[522]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[523]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[524]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.violatio

Aug 28 15:58:06 druida snoopy[525]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.violatio

Aug 28 15:58:06 druida snoopy[526]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[527]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[528]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.violatio

Aug 28 15:58:06 druida snoopy[529]: [(null), uid:0 sid:359]: expr
/etc/logcheck/logcheck.ignore : /etc/logcheck/\(.*\)

Aug 28 15:58:06 druida snoopy[530]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[531]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:06 druida snoopy[532]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/logcheck.ignore

Aug 28 15:58:06 druida snoopy[533]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/anacron : /etc/logcheck/\(.*\)

Aug 28 15:58:06 druida snoopy[534]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[535]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[536]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/anacron

Aug 28 15:58:06 druida snoopy[537]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/automoun

Aug 28 15:58:06 druida snoopy[538]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[539]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[540]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/automoun

Aug 28 15:58:06 druida snoopy[541]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/bind : /etc/logcheck/\(.*\)

Aug 28 15:58:06 druida snoopy[542]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[543]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:06 druida snoopy[544]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/bind

Aug 28 15:58:07 druida snoopy[545]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/cron : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[546]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[547]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[548]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/cron

Aug 28 15:58:07 druida snoopy[549]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/dhcp : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[550]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[551]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[552]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/dhcp

Aug 28 15:58:07 druida snoopy[553]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/exim : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[554]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[555]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[556]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/exim

Aug 28 15:58:07 druida snoopy[557]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/fetchmai

Aug 28 15:58:07 druida snoopy[558]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[559]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[560]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/fetchmai

Aug 28 15:58:07 druida snoopy[561]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/gnome-bi

Aug 28 15:58:07 druida snoopy[562]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[563]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[564]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/gnome-bi

Aug 28 15:58:07 druida snoopy[565]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/imap : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[566]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[567]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[568]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/imap

Aug 28 15:58:07 druida snoopy[569]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/imp : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[570]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[571]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[572]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/imp

Aug 28 15:58:07 druida snoopy[573]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ipppd : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[574]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[575]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[576]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ipppd

Aug 28 15:58:07 druida snoopy[577]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/isdnlog : /etc/logcheck/\(.*\)

Aug 28 15:58:07 druida snoopy[578]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[579]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:07 druida snoopy[580]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/isdnlog

Aug 28 15:58:08 druida snoopy[581]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/isdnutil

Aug 28 15:58:08 druida snoopy[582]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[583]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[584]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/isdnutil

Aug 28 15:58:08 druida snoopy[585]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/mysql-se

Aug 28 15:58:08 druida snoopy[586]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[587]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[588]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/mysql-se

Aug 28 15:58:08 druida snoopy[589]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/net-acct

Aug 28 15:58:08 druida snoopy[590]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[591]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[592]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/net-acct

Aug 28 15:58:08 druida snoopy[593]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/oidentd : /etc/logcheck/\(.*\)

Aug 28 15:58:08 druida snoopy[594]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[595]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[596]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/oidentd

Aug 28 15:58:08 druida snoopy[597]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/portsent

Aug 28 15:58:08 druida snoopy[598]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[599]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[600]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/portsent

Aug 28 15:58:08 druida snoopy[601]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/postfix : /etc/logcheck/\(.*\)

Aug 28 15:58:08 druida snoopy[602]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[603]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[604]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/postfix

Aug 28 15:58:08 druida snoopy[605]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ppp : /etc/logcheck/\(.*\)

Aug 28 15:58:08 druida snoopy[606]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[607]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[608]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ppp

Aug 28 15:58:08 druida snoopy[609]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/proftpd : /etc/logcheck/\(.*\)

Aug 28 15:58:08 druida snoopy[610]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:08 druida snoopy[611]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[612]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/proftpd

Aug 28 15:58:09 druida snoopy[613]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/pump : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[614]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[615]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[616]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/pump

Aug 28 15:58:09 druida snoopy[617]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/qmail : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[618]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[619]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[620]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/qmail

Aug 28 15:58:09 druida snoopy[621]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/qpopper : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[622]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[623]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[624]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/qpopper

Aug 28 15:58:09 druida snoopy[625]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/samba : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[626]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[627]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[628]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/samba

Aug 28 15:58:09 druida snoopy[629]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/squid : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[630]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[631]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[632]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/squid

Aug 28 15:58:09 druida snoopy[633]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/ssh : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[634]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[635]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[636]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/ssh

Aug 28 15:58:09 druida snoopy[637]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/stunnel : /etc/logcheck/\(.*\)

Aug 28 15:58:09 druida snoopy[638]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[639]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[640]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/stunnel

Aug 28 15:58:09 druida snoopy[641]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/sysklogd

Aug 28 15:58:09 druida snoopy[642]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[643]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:09 druida snoopy[644]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/sysklogd

Aug 28 15:58:10 druida snoopy[645]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/telnetd : /etc/logcheck/\(.*\)

Aug 28 15:58:10 druida snoopy[646]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[647]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[648]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/telnetd

Aug 28 15:58:10 druida snoopy[649]: [(null), uid:0 sid:359]: expr
/etc/logcheck/ignore.d/uptimed : /etc/logcheck/\(.*\)

Aug 28 15:58:10 druida snoopy[650]: [(null), uid:0 sid:359]: rm -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[651]: [(null), uid:0 sid:359]: dirname
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[652]: [(null), uid:0 sid:359]: egrep -v ^\s*$
/etc/logcheck/ignore.d/uptimed

Aug 28 15:58:10 druida snoopy[653]: [(null), uid:0 sid:359]: egrep -i -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:10 druida snoopy[654]: [(null), uid:0 sid:359]: egrep -i -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:10 druida snoopy[655]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:10 druida snoopy[656]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkoutput.3

Aug 28 15:58:10 druida snoopy[657]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/logch

Aug 28 15:58:10 druida snoopy[660]: [(null), uid:0 sid:359]: wc -l

Aug 28 15:58:10 druida snoopy[659]: [(null), uid:0 sid:359]: ls
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[661]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[662]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:10 druida snoopy[663]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[664]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:10 druida snoopy[665]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[666]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:10 druida snoopy[667]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[668]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:10 druida snoopy[669]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:10 druida snoopy[670]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:10 druida snoopy[671]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[672]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[673]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[674]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[675]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[676]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[677]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[678]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[679]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[680]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[681]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[682]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[683]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[684]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[685]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[686]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[687]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[688]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[689]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[690]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[691]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[692]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[693]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[694]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:11 druida snoopy[695]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:11 druida snoopy[696]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[697]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[698]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[699]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[700]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[701]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[702]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[703]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[704]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[705]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[706]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[707]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[708]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[709]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[710]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[711]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[712]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[713]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[714]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[715]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[716]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[717]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[718]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:12 druida snoopy[719]: [(null), uid:0 sid:359]: egrep -v -f
/var/lib/logcheck/cleaned/ignor

Aug 28 15:58:12 druida snoopy[720]: [(null), uid:0 sid:359]: mv
/var/tmp/logcheck/checkoutput.t

Aug 28 15:58:13 druida snoopy[721]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkoutput.3

Aug 28 15:58:13 druida snoopy[722]: [(null), uid:0 sid:359]: cat
/var/tmp/logcheck/checkreport.3

Aug 28 15:58:13 druida snoopy[723]: [(null), uid:0 sid:359]: mail -s
druida.dw 2002/08/28 15:58 syst

Aug 28 15:58:13 druida snoopy[724]: [(null), uid:0 sid:359]: send-mail -i --
root

Aug 28 15:58:13 druida snoopy[725]: [(null), uid:0 sid:359]: rm -f
/var/tmp/logcheck/check.360 /var/tmp/logcheck/check-sorted.

Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]:
/usr/sbin/exim -Mc 17k817-0000Bg-00

Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
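A small triage script, added here as an example (not the poster's code and not part of snoopy or logcheck), that parses entries in the old snoopy format shown in the report above (`[login, uid:N sid:N]: command`), groups them by session id, and checks each session against a hand-built allowlist of the programs logcheck's script is seen running in the quoted report. The sample input is constructed from a few of the quoted lines; the final line (sid 801, `/tmp/.cache/updater`) is invented to show what a session that does not match logcheck looks like.

```python
import re
from collections import defaultdict
from os.path import basename

# Constructed sample input: entries in the same snoopy format as the quoted
# report (same host, PIDs and paths), plus one invented line with sid 801.
SAMPLE_LOG = r"""
Aug 28 15:58:04 druida snoopy[430]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[434]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[502]: [(null), uid:0 sid:359]: sort -k 1,3 -s /var/tmp/logcheck/check.360
Aug 28 15:58:06 druida snoopy[520]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/logcheck.cracking
Aug 28 15:58:13 druida snoopy[723]: [(null), uid:0 sid:359]: mail -s druida.dw 2002/08/28 15:58 syst
Aug 28 15:58:13 druida snoopy[724]: [(null), uid:0 sid:359]: send-mail -i -- root
Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]: /usr/sbin/exim -Mc 17k817-0000Bg-00
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
Aug 28 16:03:12 druida snoopy[812]: [(null), uid:0 sid:801]: /tmp/.cache/updater --daemon
"""

# Old snoopy line layout: "<syslog ts> <host> snoopy[<pid>]: [<login>, uid:<n> sid:<n>]: <cmd>"
# "(null)" as the login typically means the process had no login name
# (no controlling terminal), which is what a cron job looks like.
SNOOPY_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"snoopy\[(?P<pid>\d+)\]: \[(?P<login>[^,]*), uid:(?P<uid>\d+) "
    r"sid:(?P<sid>\d+)\]: (?P<cmd>.*)$"
)

# Programs logcheck's shell script is observed running in the quoted report.
# Assumption: this allowlist was built by hand from that report, nothing more.
LOGCHECK_PROGS = {
    "logtail", "cat", "tail", "tr", "wc", "sort", "uniq", "mv", "rm", "ls",
    "expr", "dirname", "egrep", "mail", "send-mail", "exim",
}


def parse_snoopy(text):
    """Return one dict per snoopy entry; other syslog lines (e.g. login) are skipped."""
    entries = []
    for line in text.splitlines():
        m = SNOOPY_RE.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["pid"], e["uid"], e["sid"] = int(e["pid"]), int(e["uid"]), int(e["sid"])
        argv = e["cmd"].split()
        e["prog"] = basename(argv[0]) if argv else ""   # "/usr/sbin/logtail" -> "logtail"
        entries.append(e)
    return entries


def group_by_session(entries):
    """Group entries by sid: every process forked from the same cron/login session."""
    sessions = defaultdict(lambda: {"uids": set(), "progs": [], "first": None, "last": None})
    for e in entries:
        s = sessions[e["sid"]]
        s["uids"].add(e["uid"])          # uid 8 is "mail" in Debian's default passwd
        s["progs"].append(e["prog"])
        s["first"] = s["first"] or e["ts"]
        s["last"] = e["ts"]
    return dict(sessions)


def classify_sessions(entries, allowlist=LOGCHECK_PROGS):
    """Label each session: 'logcheck run' when it only used allowlisted programs
    and read log offsets with logtail, otherwise 'REVIEW' with the odd programs out."""
    result = {}
    for sid, s in group_by_session(entries).items():
        unexpected = sorted({p for p in s["progs"] if p not in allowlist})
        if unexpected:
            result[sid] = ("REVIEW", unexpected)
        elif "logtail" in s["progs"]:
            result[sid] = ("logcheck run", [])
        else:
            result[sid] = ("allowlisted tools only", [])
    return result


if __name__ == "__main__":
    parsed = parse_snoopy(SAMPLE_LOG)
    for sid, (label, odd) in sorted(classify_sessions(parsed).items()):
        s = group_by_session(parsed)[sid]
        print(f"sid {sid}: {label} ({s['first']} .. {s['last']}, uids {sorted(s['uids'])}) {odd}")
```

Run against the full report, every entry before the `ROOT LOGIN` line carries sid 359, so it is a single session: the logcheck cron job tailing each log, filtering it through the rule files under /etc/logcheck, and mailing the result to root.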



