Error log in /var/log/messages

raymond117 · 01-20-2005, 07:46 AM

Hi all. Need your help .. thx.

I am using Redhat 9 2.4.26

I found the following logs in /var/log/messages these days... (occurs 3~4 times this week.. no other log is found in the same time as these log:

kernel: NET: 1 messages suppressed.
kernel: NET: 2 messages suppressed.
kernel: NET: 1 messages suppressed.
kernel: NET: 6 messages suppressed.
kernel: NET: 1 messages suppressed.
kernel: NET: 2 messages suppressed.

Anyone knows what are they ?
Any bad impact to my linux box?
what should I do ??

Thanks !!

wimdh · 01-21-2005, 09:24 AM

Can you launch ethereal or tcpdump.
you can match the timestamps and see what's going on..

raymond117 · 01-21-2005, 09:43 AM

thx...

but... how to post it out ???

wimdh · 01-21-2005, 09:53 AM

Installing iptables and log all packets is also an option...
Then you'll have to see where they come from..

success

raymond117 · 01-21-2005, 10:13 AM

sorry , I am new to Linux..

any command / any specific files I can try to see ?

Thx for your kind help !

vhh · 01-22-2005, 04:47 AM

Hello,

I got an other problem in the log file /var/log/message which I don't understand what it is.
------------------------------
Jan 19 09:32:15 myhost userhelper: pam_timestamp: `/' permissions are lax
------------------------------

I tried: #ls -ld /

It returned: drwxrwx--x 20 root root 4096 Jan 12 12:51

What's happend? And How do I do now?

Thank you,

wimdh · 01-24-2005, 05:02 AM

Hey Raymond,

http://www.linuxmigration.com/quickr.../ethereal.html

is a good startingpoint :-)

Success

wimdh · 01-24-2005, 05:06 AM

Hey vhh

your root dir seems to be group writable.
do a:

Code:

chmod g-w /

success

vhh · 01-26-2005, 06:56 AM

Thanks wimdh! I've done it already.

Why did it show me the notice under username "userhelper"? Did someone hack at me?

Anyway, thank you.

wimdh · 01-26-2005, 07:17 AM

Hi vhh

userhelper is a part of PAM
try man userhelper.
PAM reported the error when someone autenticated I think...