12-05-2002
Definitely rebuild. There were a few gnarly rootkits floating around - you'll never get clean.
Reinstall, then go to Redhat and install every one of those darn updates for 7.0. It takes some time, but that's how it's got to be if you want to be a decent 'net citizen. Think how many other users have been rooted from your box (acting as a launch-pad).
Also, out of interest, search google for info to find out which one got you. Then you can go back and see how they got in.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Working out of AIX 4.3.
All logs that were written via application suddenly stopped. executing a tail -f <logfile> was not producing any results.
Tried to refresh the syslogd (daemon). When executing "refresh -s syslogd" system would display
<<0513-036 The request could not be passed to... (2 Replies)
Discussion started by: buRst
2 Replies
2. UNIX for Advanced & Expert Users
I would like to start up multiple instances of syslog daemon. I am having a little difficulty. Is this at all possible?
I have separate syslog.conf1.... syslog.conf5 files.
I have linked the daemon to separate files syslogd1 ... syslogd5
I have arranged the rcd.2 start/stop scripts for... (9 Replies)
Discussion started by: Gary Dunn
9 Replies
3. UNIX for Advanced & Expert Users
I have a remote syslog server which is recieving messages from many hosts. I would like it to log them in seperate files denoted by hostname . For example all messages for host1 in a directory of the same name. Is there an easy way to do this using syslogd? I have a feeling syslog-ng provides this... (3 Replies)
Discussion started by: silvaman
3 Replies
4. Solaris
Hi friends,
is it possible to ignore special messages with syslogd? we have some errors that are firmware issues an no real faults. we serach for a way to ignore ONLY these messages... OS is solaris 10...
any ideas?
tia,
DN2 (1 Reply)
Discussion started by: DukeNuke2
1 Replies
5. AIX
Hi,
I wanted to log some authentication information, so I added following line to /etc/syslog.conf:
auth.info /home/vilius/dir1/eeerrr.log
After that I refreshed syslogd subsystem:
refresh -s syslogd
To check my logging I made few unsuccessfull attempts to login as root using ssh and... (1 Reply)
Discussion started by: vilius
1 Replies
6. Solaris
Hi All,
I can seem to find the syslog daemon in the /etc/init.d/ dir. i have made change to the syslog.conf i need to restart the daemon. am using solaris 10. i have no problem on version 9
Anyone with a template i can use for log review for auditing purposes. (1 Reply)
Discussion started by: lottiem
1 Replies
7. Linux
I'm recieving from time to time such messages:
Message from syslogd@localhost at Sat Jul 8 18:29:58 2006 ...
localhost kernel: Disabling IRQ #17
What could cause such messages? How can I at least disable these messages which are posted on all terminals?
Note:
$ uname -a
Linux... (19 Replies)
Discussion started by: Hitori
19 Replies
8. AIX
Hi Guys,
I am configuring syslogd for Message broker.
I know that we have to add a line user.* /var/log/wmb.log
to the /etc/syslog.conf file.
I want to know what userid does the user in user.* take?
Thanks (1 Reply)
Discussion started by: vandi
1 Replies
9. Solaris
Hi ,
Iam using Solaris8 and as I checked I found syslogd process not running
can please somebody suggest me the way to start it. (2 Replies)
Discussion started by: Laxxi
2 Replies
10. Solaris
Where do I configure where syslogd writes to log files?
I've got open files in an archive directory called errlog.131017 and audlog.131017 and, having run an fuser, it appears that syslogd is writing to these files. (3 Replies)
Discussion started by: psychocandy
3 Replies
SESD(8) BSD System Manager's Manual SESD(8)
NAME
sesd -- monitor SCSI Environmental Services Devices
SYNOPSIS
sesd [-d] [-t poll-interval] device [device ...]
DESCRIPTION
sesd monitors SCSI Environmental Services (or SAF-TE) devices for changes in state and logs such changes changes to the system error logger
(see syslogd(8)). At least one device must be specified. When no other options are supplied, sesd detaches and becomes a daemon, by default
waking up every 30 seconds to poll each device for a change in state.
The following options may be used:
-d Instead of detaching and becoming a daemon, stay attached to the controlling terminal and log changes there as well as via the system
logger.
-p poll-interval
Change the interval of polling from the default 30 seconds to the number of seconds specified.
The user may then use getencstat(8) to get more detailed information about the state of the over enclosure device or objects within the
enclosure device.
FILES
/dev/sesN SCSI Environmental Services Devices
SEE ALSO
ses(4), getencstat(8), setencstat(8), setobjstat(8), syslogd(8)
BUGS
This is something of a toy, but it is better than nothing.
BSD
February 21, 2000 BSD