|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| Security Anything involving computer security goes here. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| syslogd 30% utilization in top, solaris 9 | chugheshc | SUN Solaris | 2 | 05-28-2008 08:18 AM |
| Syslogd | silvaman | UNIX for Advanced & Expert Users | 3 | 08-29-2006 04:53 AM |
| Message from syslogd | Hitori | Linux | 18 | 07-27-2006 12:25 PM |
| multiple instances of syslogd - is it possible? | Gary Dunn | UNIX for Advanced & Expert Users | 9 | 07-20-2004 06:10 AM |
| syslogd | buRst | UNIX for Dummies Questions & Answers | 2 | 11-26-2002 10:00 AM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
|
#1
12-05-2002
|
|||
|
|||
|
HELP!!! syslogd is down...
Hi all
My system logger has been down for the past 3 days... I am not able to get it to start from the terminal... /etc/init.d/syslogd start I am unable to find a log as to why it is failing!! Please advice where to look!!! I am totally lost here! Thanks in advance... KS 
|
| Forum Sponsor | ||
|
|
|
#3
12-05-2002
|
||||
|
||||
|
Please post which OS and version.
Have you checked disk space? Have you checked that permissions on the following files have not changed? (configuration file {could be /etc/syslog.conf}, /etc/init.d/syslogd, the directory it should be dumping to and the file {look in the configuration file to insure it's dumping where you thought it should}) You can add the -d option to debug when starting it (may have to do this either in the startup script or start the daemon manually ). (Perderabo hit this at the same time)
|
|
#4
12-05-2002
|
|||
|
|||
 )I got hit by a rootkit. The hacker must have shut down the daemon. Is there a way to clean out the system from the SK rootkit? Please let me know! I know a re-install is suggested but this is the second time this is happenning and I want to find a way to tackle this with the minimum downtime!! I am running redhat linux 7.0. Please advice... thanks KS
|
|
#5
12-05-2002
|
||||
|
||||
|
If it's the second time, then you must know that you have not done enough to keep the hacker out. Attempting to check all your files and hope you get them all so you don't have to do this a third time I believe to be a waste of your time.
See what others have to say - IMHO - rebuild. Wright State U - Internet Security
|
|
#6
12-05-2002
|
||||
|
||||
|
Definitely rebuild. There were a few gnarly rootkits floating around - you'll never get clean.
Reinstall, then go to Redhat and install every one of those darn updates for 7.0. It takes some time, but that's how it's got to be if you want to be a decent 'net citizen. Think how many other users have been rooted from your box (acting as a launch-pad). Also, out of interest, search google for info to find out which one got you. Then you can go back and see how they got in.
|
||||
| Google The UNIX and Linux Forums |
Simon Champion!
Linear Mode
