LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 06-11-2008, 04:19 AM   #16
frenchn00b
Senior Member
 
Registered: Jun 2007
Location: E.U., Mountains :-)
Distribution: Debian, Etch, the greatest
Posts: 2,546

Original Poster
Rep: Reputation: 57

Regarding that sensible-mda issue, is that not an hidden hack or virus ?
and what should I do ? Isnt that strange that it occured suddenly?

Happy tux (even with no machine )
 
Old 06-11-2008, 07:06 AM   #17
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,406
Blog Entries: 55

Rep: Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578
Quote:
Originally Posted by frenchn00b View Post
Regarding that sensible-mda issue, is that not an hidden hack or virus ?
There's no indication of a "hack" in the logs you showed.
You should know by now viruses are *not* the major problems we should care for with GNU/Linux.


Quote:
Originally Posted by frenchn00b View Post
and what should I do ?
Farslayer already said that installing the "sensible-mda" package might help, since that's what the logs go on about.
If you don't want to install it then at least shut down your mailserver to keep it from clogging up your log dir while you investigate on.


Quote:
Originally Posted by frenchn00b View Post
Isnt that strange that it occured suddenly?
Sure, but w/o more detailed info about what you changed when on your machine that would only amount to guessing.


BTW, and not that it matters much now, but the version of Rootkit Hunter you got was 1.2.9. We're at 1.3.2. I'll keep my opinion about distro's shipping stale software for another thread.

BTW[1], I corrected your BB code tags for reasons of readability. Next time please do that yourself.

BTW[2], @Dutch Master: please don't refer to the "old" Rootkit Hunter address. The project moved to http://sourceforge.net/projects/rkhunter a long time ago.

//moderator.note: I moved the OT part to http://www.linuxquestions.org/questi...lly-ot-648570/ FWIW.

Last edited by unSpawn; 06-11-2008 at 10:37 AM.
 
Old 06-14-2008, 02:21 AM   #18
frenchn00b
Senior Member
 
Registered: Jun 2007
Location: E.U., Mountains :-)
Distribution: Debian, Etch, the greatest
Posts: 2,546

Original Poster
Rep: Reputation: 57
I installed sensible mta but it keeps going !!
it load teh logs

Code:
Jun 14 09:19:53 localhost sm-mta[5814]: m5DLgXe5005975: to=frenchn00B, delay=09:33:18, xdelay=00:00:00, mailer=local, pri=390000, dsn=2.0.0, stat=Sent
Jun 14 09:19:53 localhost sm-mta[5814]: m5DLgXe6005975: to=frenchn00B, delay=09:33:18, xdelay=00:00:00, mailer=local, pri=390000, dsn=2.0.0, stat=Se
 
Old 06-14-2008, 05:10 AM   #19
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,406
Blog Entries: 55

Rep: Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578
Yeah right, but these are not the same messages. If the amount of logging is still reason to investigate, then check the messages sent to your account for clues, it could be a cronjob gone wrong. Else list all continuously running processes and review them for how they log warnings and error output and list all cronjobs and check them out for how they log warnings and error output.
 
Old 06-19-2008, 05:41 AM   #20
frenchn00b
Senior Member
 
Registered: Jun 2007
Location: E.U., Mountains :-)
Distribution: Debian, Etch, the greatest
Posts: 2,546

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by unSpawn View Post
Yeah right, but these are not the same messages. If the amount of logging is still reason to investigate, then check the messages sent to your account for clues, it could be a cronjob gone wrong. Else list all continuously running processes and review them for how they log warnings and error output and list all cronjobs and check them out for how they log warnings and error output.
the crontab remained same. It is like those usual just installed Debian stable...
I dont know what to look for a solution... should I reinstall teh box? which file should I output here hte content ?
 
Old 06-19-2008, 07:02 AM   #21
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,406
Blog Entries: 55

Rep: Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578
The last log excerpt you've shown lists only sent e-mail messages. If the amount of messages per time interval exceeds your expectations then check if those are system alert, warning or error messages. Reinstalling teh box is a reflex that may seem convenient at first because it could (or not) alleviate symptoms but in the long run does not make you understand the cause.
 
Old 06-20-2008, 05:19 PM   #22
frenchn00b
Senior Member
 
Registered: Jun 2007
Location: E.U., Mountains :-)
Distribution: Debian, Etch, the greatest
Posts: 2,546

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by unSpawn View Post
The last log excerpt you've shown lists only sent e-mail messages. If the amount of messages per time interval exceeds your expectations then check if those are system alert, warning or error messages. Reinstalling teh box is a reflex that may seem convenient at first because it could (or not) alleviate symptoms but in the long run does not make you understand the cause.
well what would advice to check actually ?
 
Old 06-20-2008, 05:48 PM   #23
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,406
Blog Entries: 55

Rep: Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578Reputation: 3578
The log you posted is your mail log. It reports e-mail transactions, mail sent to you or others. If a lot of e-mail is sent to you, check your e-mails. They could be messages from your system. These system messages will tell you if there is something wrong or not.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
disk space full because alot of files in /var/spool/clientmqueue folder k0nsole.c Linux - Software 4 03-21-2016 09:26 AM
Can Samhain log my entries in /var/log/secure and /var/log/mesage to a central server abefroman Linux - Software 2 04-13-2008 04:13 PM
/var/log/messages filling up space. Asim Ahmed Linux - Newbie 1 04-09-2008 01:10 AM
First full update for Debian Etch (stable) jens Debian 1 08-17-2007 05:10 PM
/var/log/messages going crazy -- udev Poetics Slackware 7 01-21-2006 01:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 03:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration