Hola Lena, Lo primero es que no encuentra el antivirus y luego cuando intenta leer el archivo: /etc/dspam/dspam.d//mysql.conf no puede, supongo que por permisos.
Lo otro es que han intentado acceder por ssh a tu server y no han podido. Estos ataques generalmente son automaticos y aleatorios, es decir, no necesariamente son de alguien que busca atacarte, sino de algun robot que busca alguna vulnerabilidad. Salu2 On 4/23/06, Lena Sicilia Casariego Mariño <[EMAIL PROTECTED]> wrote: > > Hola Lista hace unos dias estuve configurando un servidor de correos y bueno > al parecer que me faltan algunas cosas que configurar... hoy revise los log > y bueno me sale esto... alguien me puede explicar que es lo que falta... > > This email is sent by logcheck. If you wish to no-longer receive it, you can > either deinstall the logcheck package or modify its configuration file > (/etc/logcheck/logcheck.conf). > > Security Events > > =-=-=-=-=-=-=-= > > Apr 23 03:02:16 servidor2 amavis[11226]: (11226-03) ask_av (ClamAV-clamd) > FAILED - unexpected result: > /var/lib/amavis/tmp/amavis-20060422T230216-11226/parts: > Access denied. ERROR\n Apr 23 03:02:16 servidor2 amavis[11226]: (11226-03) > WARN: all primary virus scanners failed, considering backups Apr 23 03:02:20 > servidor2 dspam[16675]: Unable to open file for reading: > /etc/dspam/dspam.d//mysql.conf: Permission denied Apr 23 03:02:20 servidor2 > amavis[11226]: (11226-03) WARN: DSPAM problem, exit 1, result=16675: > [04/23/2006 03:02:20] Unable to open file for reading: > /etc/dspam/dspam.d//mysql.conf: Permission denied\n > > System Events > > =-=-=-=-=-=-= > Apr 23 03:02:20 servidor2 dspam[16675]: Unable to read dspam.conf > > > ah y esto tambien encontre en otro log... > > > > System Events > > =-=-=-=-=-=-= > > Apr 22 22:10:26 servidor2 sshd[12119]: Illegal user alvares from > ::ffff:200.139.160.135 > > Apr 22 22:10:27 servidor2 sshd[12121]: Illegal user alvares from > ::ffff:200.139.160.135 > > Apr 22 22:10:29 servidor2 sshd[12123]: Illegal user amaral from > ::ffff:200.139.160.135 > > Apr 22 22:10:30 servidor2 sshd[12125]: Illegal user amaral from > ::ffff:200.139.160.135 > > Apr 22 22:10:32 servidor2 sshd[12127]: Illegal user andrade from > ::ffff:200.139.160.135 > > Apr 22 22:10:33 servidor2 sshd[12129]: Illegal user andrade from > ::ffff:200.139.160.135 > > Apr 22 22:10:35 servidor2 sshd[12131]: Illegal user antunes from > ::ffff:200.139.160.135 > > Apr 22 22:10:36 servidor2 sshd[12133]: Illegal user antunes from > ::ffff:200.139.160.135 > > Apr 22 22:10:38 servidor2 sshd[12135]: Illegal user azevedo from > ::ffff:200.139.160.135 > > Apr 22 22:10:39 servidor2 sshd[12137]: Illegal user azevedo from > ::ffff:200.139.160.135 > > Apr 22 22:10:41 servidor2 sshd[12139]: Illegal user bernardes from > ::ffff:200.139.160.135 > > Apr 22 22:10:42 servidor > > > > Gracias... > > Lena Sicilia > _______________________________________________ > Linux-plug mailing list > [email protected] > http://www.linux.org.pe/cgi-bin/mailman/listinfo/linux-plug > > > -- Nestor http://nestor.sertzen.com _______________________________________________ Linux-plug mailing list [email protected] http://www.linux.org.pe/cgi-bin/mailman/listinfo/linux-plug
