[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ERROR CRIT

El vie, 19-08-2011 a las 17:58 -0300, mordoc zero escribió:
> 
> 
> 
> From daemon@example.com Fri Jul 22 01:52:18 2011
> Envelope-to: root@localhost
> Delivery-date: Fri, 22 Jul 2011 01:52:18 -0300
> From: <daemon@example.com>
> To: <root@localhost>
> Date: Fri, 22 Jul 2011 01:52:08 -0300
> Subject: [Samhain at 127.0.1.1] 22-07-2011 01:51:48: CRIT
> 
> 
> -----BEGIN MESSAGE-----
> [2011-07-22T01:51:48-0300] 127.0.1.1
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/passwd.backup>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/
> passwd.backup>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/lvm/.cache>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/lvm/.cache>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/ioctl.save>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/:
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/
> passwd.backup>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/lvm/.cache>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/lvm/.cache>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/ioctl.save>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/ioctl.save>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/asound.conf>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/asound.conf>
> ALERT  :  [2011-07-22T01:51:17-0300] msg=<LOGKEY>, program=<Samhain>,
> hash=<2054BAB5BC68F25DDB98FE2905EF319647A4D47D376778F1>
> -----BEGIN LOGKEY-----
> 2054BAB5BC68F25DDB98FE2905EF319647A4D47D376778F1[2011-07-22T01:51:17-0300]
> ALERT  :  [2011-07-22T01:51:15-0300] msg=<START>, program=<Samhain>,
> userid=<0>, path=</etc/samhain/samhainrc>,
> hash=<D2A96989673435CF2BC499D37DBD76EF3E743E6D1F9E4F0B>
> -----BEGIN SIGNATURE-----
> 3AAEEA7C03499615FA361862CB88B2DF6CD3FEA127D7E97D
> :T   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/ioctl.save>
> CRIT   :  [2011-07-22T01:51:48-0300] msg=<POLICY MISSING>,
> path=</etc/asound.conf>
> CRIT   :  [2011-07-22T01:51:48-0300] interface=<lstat>, msg=<No such
> file or directory>, userid=<0>, path=</etc/asound.conf>
> ALERT  :  [2011-07-22T01:51:17-0300] msg=<LOGKEY>, program=<Samhain>,
> hash=<2054BAB5BC68F25DDB98FE2905EF319647A4D47D376778F1>
> -----BEGIN LOGKEY-----
> 2054BAB5BC68F25DDB98FE2905EF319647A4D47D376778F1[2011-07-22T01:51:17-0300]
> ALERT  :  [2011-07-22T01:51:15-0300] msg=<START>, program=<Samhain>,
> userid=<0>, path=</etc/samhain/samhainrc>,
> hash=<D2A96989673435CF2BC499D37DBD76EF3E743E6D1F9E4F0B>
> -----BEGIN SIGNATURE-----
> 3AAEEA7C03499615FA361862CB88B2DF6CD3FEA127D7E97D
> 000000 1311310328::127.0.1.1
> -----END MESSAGE-----
> 
> 
> 
> 
> 
> 
> NO ENTIENDO NADA ALGUIEN ME PUEDE GUIAR?????
> 
> 

¿Guiar...? ¿sobre que...?

A ojo de buen cubero veo que samhain (un sistema que controla la
integridad de los ficheros, análisis de logs...) se queja de que hay
varios ficheros que no encuentra. ¿Que has instalado...? ¿como lo has
configurado...?

Un saludo

JulHer

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: