Hello everyone... on my Woody I am getting a lot of logs, and every so often (with a time I don't recognize, since the clock is running behind and I still haven't found a way to set it correctly :( ) I get mails from Snoopy (according to the description it is a tcpwrapper and a logger) with logs like the one I am sending below, to see if someone can tell me what this is, whether I have a program that monitors everything and works to later send data to someone, or who knows what... The thing is that all of this happens without a connection, since I am not connecting to the internet with Debian, and these logs keep appearing. I get the feeling that someone left something planted on my machine, but I no longer know what to think about all this. So if anyone can tell me what all this is, it would really help me a lot. Just to note that this is only a part of the log, because it is gigantic and it would be silly to send it in full, since everything I sent here repeats over and over. All of this happens before I log in as root; I left that root login at the end as a delimiter of sorts, so you can see everything that happens before I log in, although after I log in all of it goes on and on. Regards to all, and sorry for being such a pest about this whole topic... good luck and thanks.

This mail is sent by logcheck. If you do not want to receive it any more, please modify the configuration files in /etc/logcheck or deinstall logcheck.

Possible Security Violations
=-=-=-=-=-=-=-=-=-=
Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat /var/log/debug
Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Aug 28 15:58:04 druida snoopy[430]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[434]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat /var/log/debug
Aug 28 15:58:04 druida snoopy[437]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[439]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[440]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[441]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/debug /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[444]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[446]: [(null), uid:0 sid:359]: cat /var/log/mail.err
Aug 28 15:58:04 druida snoopy[447]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[449]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[450]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[451]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/mail.err /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[454]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[456]: [(null), uid:0 sid:359]: cat /var/log/mail.info
Aug 28 15:58:04 druida snoopy[457]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:04 druida snoopy[459]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[460]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:04 druida snoopy[461]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/mail.info /var/lib/logcheck/offset.var.lo
Aug 28 15:58:04 druida snoopy[464]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:04 druida snoopy[466]: [(null), uid:0 sid:359]: cat /var/log/kern.log
Aug 28 15:58:04 druida snoopy[467]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[469]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[470]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[471]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/kern.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[474]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[476]: [(null), uid:0 sid:359]: cat /var/log/mail.warn
Aug 28 15:58:05 druida snoopy[477]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[479]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[480]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[481]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/mail.warn /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[484]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[486]: [(null), uid:0 sid:359]: cat /var/log/uucp.log
Aug 28 15:58:05 druida snoopy[487]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[489]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[490]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[491]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/uucp.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[494]: [(null), uid:0 sid:359]: tr / .
Aug 28 15:58:05 druida snoopy[496]: [(null), uid:0 sid:359]: cat /var/log/user.log
Aug 28 15:58:05 druida snoopy[497]: [(null), uid:0 sid:359]: wc -c
Aug 28 15:58:05 druida snoopy[499]: [(null), uid:0 sid:359]: cat /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[500]: [(null), uid:0 sid:359]: tail -n 1
Aug 28 15:58:05 druida snoopy[501]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/user.log /var/lib/logcheck/offset.var.lo
Aug 28 15:58:05 druida snoopy[502]: [(null), uid:0 sid:359]: sort -k 1,3 -s /var/tmp/logcheck/check.360
Aug 28 15:58:05 druida snoopy[503]: [(null), uid:0 sid:359]: uniq
Aug 28 15:58:05 druida snoopy[504]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/check-sorted.
Aug 28 15:58:05 druida snoopy[506]: [(null), uid:0 sid:359]: ls /etc/logcheck/cracking.d/
Aug 28 15:58:05 druida snoopy[507]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:05 druida snoopy[509]: [(null), uid:0 sid:359]: ls /etc/logcheck/violations.d/
Aug 28 15:58:05 druida snoopy[510]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:05 druida snoopy[512]: [(null), uid:0 sid:359]: ls /etc/logcheck/violations.ignore
Aug 28 15:58:05 druida snoopy[513]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:06 druida snoopy[515]: [(null), uid:0 sid:359]: ls /etc/logcheck/ignore.d/
Aug 28 15:58:06 druida snoopy[516]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:06 druida snoopy[517]: [(null), uid:0 sid:359]: expr /etc/logcheck/logcheck.cracking
Aug 28 15:58:06 druida snoopy[518]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[519]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[520]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/logcheck.cracking
Aug 28 15:58:06 druida snoopy[521]: [(null), uid:0 sid:359]: expr /etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[522]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[523]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[524]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[525]: [(null), uid:0 sid:359]: expr /etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[526]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[527]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[528]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/logcheck.violatio
Aug 28 15:58:06 druida snoopy[529]: [(null), uid:0 sid:359]: expr /etc/logcheck/logcheck.ignore : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[530]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[531]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/logch
Aug 28 15:58:06 druida snoopy[532]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/logcheck.ignore
Aug 28 15:58:06 druida snoopy[533]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/anacron : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[534]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[535]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[536]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/anacron
Aug 28 15:58:06 druida snoopy[537]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/automoun
Aug 28 15:58:06 druida snoopy[538]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[539]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[540]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/automoun
Aug 28 15:58:06 druida snoopy[541]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/bind : /etc/logcheck/\(.*\)
Aug 28 15:58:06 druida snoopy[542]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[543]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:06 druida snoopy[544]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/bind
Aug 28 15:58:07 druida snoopy[545]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/cron : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[546]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[547]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[548]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/cron
Aug 28 15:58:07 druida snoopy[549]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/dhcp : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[550]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[551]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[552]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/dhcp
Aug 28 15:58:07 druida snoopy[553]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/exim : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[554]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[555]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[556]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/exim
Aug 28 15:58:07 druida snoopy[557]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/fetchmai
Aug 28 15:58:07 druida snoopy[558]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[559]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[560]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/fetchmai
Aug 28 15:58:07 druida snoopy[561]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/gnome-bi
Aug 28 15:58:07 druida snoopy[562]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[563]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[564]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/gnome-bi
Aug 28 15:58:07 druida snoopy[565]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/imap : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[566]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[567]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[568]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/imap
Aug 28 15:58:07 druida snoopy[569]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/imp : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[570]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[571]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[572]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/imp
Aug 28 15:58:07 druida snoopy[573]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/ipppd : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[574]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[575]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[576]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/ipppd
Aug 28 15:58:07 druida snoopy[577]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/isdnlog : /etc/logcheck/\(.*\)
Aug 28 15:58:07 druida snoopy[578]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[579]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:07 druida snoopy[580]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/isdnlog
Aug 28 15:58:08 druida snoopy[581]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/isdnutil
Aug 28 15:58:08 druida snoopy[582]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[583]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[584]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/isdnutil
Aug 28 15:58:08 druida snoopy[585]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/mysql-se
Aug 28 15:58:08 druida snoopy[586]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[587]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[588]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/mysql-se
Aug 28 15:58:08 druida snoopy[589]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/net-acct
Aug 28 15:58:08 druida snoopy[590]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[591]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[592]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/net-acct
Aug 28 15:58:08 druida snoopy[593]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/oidentd : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[594]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[595]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[596]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/oidentd
Aug 28 15:58:08 druida snoopy[597]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/portsent
Aug 28 15:58:08 druida snoopy[598]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[599]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[600]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/portsent
Aug 28 15:58:08 druida snoopy[601]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/postfix : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[602]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[603]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[604]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/postfix
Aug 28 15:58:08 druida snoopy[605]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/ppp : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[606]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[607]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[608]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/ppp
Aug 28 15:58:08 druida snoopy[609]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/proftpd : /etc/logcheck/\(.*\)
Aug 28 15:58:08 druida snoopy[610]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:08 druida snoopy[611]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[612]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/proftpd
Aug 28 15:58:09 druida snoopy[613]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/pump : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[614]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[615]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[616]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/pump
Aug 28 15:58:09 druida snoopy[617]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/qmail : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[618]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[619]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[620]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/qmail
Aug 28 15:58:09 druida snoopy[621]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/qpopper : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[622]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[623]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[624]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/qpopper
Aug 28 15:58:09 druida snoopy[625]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/samba : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[626]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[627]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[628]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/samba
Aug 28 15:58:09 druida snoopy[629]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/squid : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[630]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[631]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[632]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/squid
Aug 28 15:58:09 druida snoopy[633]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/ssh : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[634]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[635]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[636]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/ssh
Aug 28 15:58:09 druida snoopy[637]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/stunnel : /etc/logcheck/\(.*\)
Aug 28 15:58:09 druida snoopy[638]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[639]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[640]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/stunnel
Aug 28 15:58:09 druida snoopy[641]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/sysklogd
Aug 28 15:58:09 druida snoopy[642]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[643]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:09 druida snoopy[644]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/sysklogd
Aug 28 15:58:10 druida snoopy[645]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/telnetd : /etc/logcheck/\(.*\)
Aug 28 15:58:10 druida snoopy[646]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[647]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[648]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/telnetd
Aug 28 15:58:10 druida snoopy[649]: [(null), uid:0 sid:359]: expr /etc/logcheck/ignore.d/uptimed : /etc/logcheck/\(.*\)
Aug 28 15:58:10 druida snoopy[650]: [(null), uid:0 sid:359]: rm -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[651]: [(null), uid:0 sid:359]: dirname /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[652]: [(null), uid:0 sid:359]: egrep -v ^\s*$ /etc/logcheck/ignore.d/uptimed
Aug 28 15:58:10 druida snoopy[653]: [(null), uid:0 sid:359]: egrep -i -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[654]: [(null), uid:0 sid:359]: egrep -i -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[655]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[656]: [(null), uid:0 sid:359]: cat /var/tmp/logcheck/checkoutput.3
Aug 28 15:58:10 druida snoopy[657]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/logch
Aug 28 15:58:10 druida snoopy[660]: [(null), uid:0 sid:359]: wc -l
Aug 28 15:58:10 druida snoopy[659]: [(null), uid:0 sid:359]: ls /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[661]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[662]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[663]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[664]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[665]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[666]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[667]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[668]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[669]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:10 druida snoopy[670]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:10 druida snoopy[671]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[672]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[673]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[674]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[675]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[676]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[677]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[678]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[679]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[680]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[681]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[682]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[683]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[684]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[685]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[686]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[687]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[688]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[689]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[690]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[691]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[692]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[693]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[694]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:11 druida snoopy[695]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:11 druida snoopy[696]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[697]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[698]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[699]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[700]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[701]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[702]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[703]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[704]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[705]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[706]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[707]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[708]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[709]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[710]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[711]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[712]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[713]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[714]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[715]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[716]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[717]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[718]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:12 druida snoopy[719]: [(null), uid:0 sid:359]: egrep -v -f /var/lib/logcheck/cleaned/ignor
Aug 28 15:58:12 druida snoopy[720]: [(null), uid:0 sid:359]: mv /var/tmp/logcheck/checkoutput.t
Aug 28 15:58:13 druida snoopy[721]: [(null), uid:0 sid:359]: cat /var/tmp/logcheck/checkoutput.3
Aug 28 15:58:13 druida snoopy[722]: [(null), uid:0 sid:359]: cat /var/tmp/logcheck/checkreport.3
Aug 28 15:58:13 druida snoopy[723]: [(null), uid:0 sid:359]: mail -s druida.dw 2002/08/28 15:58 syst
Aug 28 15:58:13 druida snoopy[724]: [(null), uid:0 sid:359]: send-mail -i -- root
Aug 28 15:58:13 druida snoopy[725]: [(null), uid:0 sid:359]: rm -f /var/tmp/logcheck/check.360 /var/tmp/logcheck/check-sorted.
Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]: /usr/sbin/exim -Mc 17k817-0000Bg-00
Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'
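
A report this long is easier to triage when the snoopy records are grouped by session id, so that the user ids, the time span and the programs run in each session can be read at a glance. The sketch below is an added example, not part of the original message or of snoopy/logcheck; the record layout is taken from the lines in the report above, the function names are assumptions, and the sample consists of five records copied from that report and deliberately run together the way a pasted mail often is.

```python
import os
import re
from collections import Counter

# Syslog prefix as it appears in the report: "Aug 28 15:58:04 druida "
STAMP = re.compile(r"([A-Z][a-z]{2} \d{1,2} \d\d:\d\d:\d\d) (\S+) ")
# snoopy body as it appears in the report:
#   snoopy[PID]: [(null), uid:U sid:S]: command line
SNOOPY = re.compile(r"snoopy\[(\d+)\]: \[(.*?), uid:(\d+) sid:(\d+)\]: (.+)")

# Five records copied from the report above, run together on purpose
# (one line break even falls inside a timestamp).
SAMPLE = """Aug 28 15:58:04 druida snoopy[431]: [(null), uid:0 sid:359]: /usr/sbin/logtail /var/log/auth.log /var/lib/logcheck/offset.var.lo Aug 28 15:58:04 druida snoopy[436]: [(null), uid:0 sid:359]: cat /var/log/debug Aug 28
15:58:13 druida snoopy[723]: [(null), uid:0 sid:359]: mail -s druida.dw 2002/08/28 15:58 syst Aug 28 15:58:13 druida snoopy[727]: [(null), uid:8 sid:359]: /usr/sbin/exim -Mc 17k817-0000Bg-00 Aug 28 15:58:30 druida login[350]: ROOT LOGIN on `tty1'"""


def parse(text):
    """Split a flattened log into records; return (snoopy_entries, other_records)."""
    flat = " ".join(text.split())          # undo arbitrary line wrapping
    marks = list(STAMP.finditer(flat))     # every syslog prefix starts a record
    snoopy, other = [], []
    for mark, nxt in zip(marks, marks[1:] + [None]):
        body = flat[mark.end():nxt.start() if nxt else len(flat)].strip()
        hit = SNOOPY.fullmatch(body)
        if hit:
            snoopy.append({
                "time": mark.group(1),
                "host": mark.group(2),
                "pid": int(hit.group(1)),
                "uid": int(hit.group(3)),
                "sid": int(hit.group(4)),
                "cmd": hit.group(5),
            })
        else:
            # Not a snoopy record (for example the login line): keep it apart.
            other.append((mark.group(1), body))
    return snoopy, other


def summarize(entries):
    """Group snoopy entries by session id (sid)."""
    sessions = {}
    for e in entries:
        s = sessions.setdefault(e["sid"], {
            "uids": set(), "count": 0, "first": e["time"],
            "last": e["time"], "programs": Counter(),
        })
        s["uids"].add(e["uid"])
        s["count"] += 1
        s["last"] = e["time"]
        # First word of the command line, without its directory.
        s["programs"][os.path.basename(e["cmd"].split()[0])] += 1
    return sessions


if __name__ == "__main__":
    entries, other = parse(SAMPLE)
    for sid, s in summarize(entries).items():
        print(f"sid {sid}: {s['count']} commands, uids {sorted(s['uids'])}, "
              f"{s['first']} .. {s['last']}")
        for prog, n in s["programs"].most_common():
            print(f"    {n:4d}  {prog}")
    for when, body in other:
        print(f"non-snoopy record at {when}: {body}")
```
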