Hi there Linux World
I would say that Im still junior level at the linux side. But i am using logwatch to run some reports on a couple of servers and I was wondering what this log information means if i can get some explanation that would be cool. Is it dangerous or not etc etc -

Attempts to use known hacks by 3 hosts were logged 3 time(s) from:
with 3 IPs

A total of 3 sites probed the server
with 3 ips

!!!! 3 possible successful probes
With link paths/querys with http errors at the end of them
http response 200

Just wondering what logwatch means when it says 3 possible successful probes - Does this mean their hacking my servers?

*Heads up*
There are more logwatch reports that I question but i want to start with these ones first. If anyone can help in explaining that would be great.

Thanks,
lastcall79

All the report lines you posted should be accompanied by the IP addresses involved and clues in the sense of filters/paths Logwatch checks for (which you didn't post). "3 possible successful probes" means just that: a HTTP request for an existing (code 200) entity. The context, as in cracking or not, depends on what actually was requested (which you didn't post).