1839188 Members
5891 Online
110137 Solutions
New Discussion

Re: Syslogd messages

 
SOLVED
Go to solution
Edwin Ruiz_2
Super Advisor

Syslogd messages

Hi!

I am receiving constantly this messages in my linux console.. is this a problem? thanks

Message from syslogd@salato-apl10 at Tue Feb 3 09:40:00 2004 ...
salato-apl10
25 REPLIES 25
Olivier Drouin
Trusted Contributor
Solution

Re: Syslogd messages

Did you truncate the message or its all you get ?
Do you have anything related in /var/log/messages ?

salato-apl10 : is it your localhost or a remote box ?
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

This is all the messages... This is one tail of /var/log/messages:

[32446]: FTP session closed
Feb 3 10:10:35 salato-apl10 ftpd[32501]: FTP LOGIN FROM 57.234.98.17 [57.234.98.17], iasuser
Feb 3 10:10:36 salato-apl10 ftpd[32504]: FTP LOGIN FROM 57.234.98.17 [57.234.98.17], iasuser
Feb 3 10:12:09 salato-apl10 ftpd[826]: FTP LOGIN FROM 57.234.98.17 [57.234.98.17], iasuser
Feb 3 10:12:13 salato-apl10 ftpd[826]: FTP session closed
Feb 3 10:15:00 salato-apl10
Feb 3 10:15:00 salato-apl10 78>Feb 3 10:15:00 CROND[2240]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg)
Feb 3 10:15:00 salato-apl10
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

Try to edit the file /etc/syslog.conf

see if the line with /dev/console isn't remarked and if it's so -just mark it with #

Best Regards.
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

Line is comment with #

[root@salato-apl10 etc]# more syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console

this is the line.


Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

How often do you receive this message?

try to see if there's a respective job in crontab....
Sergejs Svitnevs
Honored Contributor

Re: Syslogd messages

If syslog cannot pass the message to syslogd it will attempt to write the message to the console (/dev/console).
You need to check /etc/syslog.conf for it's contents (man syslog.conf).

Regards,
Sergejs
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

i receive this messages 5 minutes
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

let's try to isolate the problem

try to shutdown the syslogd service
service syslog stop


and see if the message comes again....
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

i dont receive messages again... i can not to connect with root to my system.. i can not make a new conection ... i have many problemas now... command ps give this error

Signal 17 caught by ps (procps version .).
Please send bug reports to

/var/log/messages show
Feb 1 04:02:04 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:02:04 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:02:05 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:02:05 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:02:06 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:02:07 salato-apl10 modprobe: modprobe: Can't locate module ppp0
Feb 1 04:22:00 salato-apl10 modprobe: modprobe: Can't locate module ppp0

Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

did you compile your kernel recently and now booted with new kernel?

look s like your system can't find a module for modem ....
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

i did not compile my kernel.. i install other kernel but no in that date.

last month i had that messages, when i reboot my system this cant bring up lo.. i reinstall my OS
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

was your system connected directly to the internet?
Maybe it was hacked..
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

yes i am direct to internet.... oh my god!
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

can i do something for repair that?
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

if you didn't "backup" it-then I suggest you to reinstall everything from scratch.
If you didn't use firewall/iptables on your machine with some thorough configuration then your machine was like a honeypot.
Never do it again in the future unless you wish to make your machine a honeypot to see what can be done by some "nice" cracker.
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

One more point:
It could also be a result of virus or some other malicious code that can be actually removed with antivirus or removal tool.
Sorry for this (important) notice coming late -maybe too late...
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

Are ther virus for linux?
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

there sure are .
I use trendmicro's antivirus for protection but it costs money-there's free antivirus for linux-go here to download it:
http://www.ravantivirus.com/
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

I install Mc Afee AV (uv scan for linux), but when i can scan my file systems i get this error

The program has been altered; please replace it with a good copy.
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

I have linux/rst.b virus on red hat.. do u have some Av
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

download from www.trendmicro.com their 30 days trial version that matches your kernel (to see your version of kernel do this command: uname -r )or download the free antivirus from the link I gave you before....
Edwin Ruiz_2
Super Advisor

Re: Syslogd messages

nothing funtion :-(
Alexander Chuzhoy
Honored Contributor

Re: Syslogd messages

Hey.
If nothing works on your station -then if there are important files on it -back them up - while there's a chance that they are infected too.
The best thing to do is to reinstall everything from scratch...
Olivier Drouin
Trusted Contributor

Re: Syslogd messages

nothing rm -rf cant solve.