LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Logwatch questions...
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-10-2010, 08:24 AM   #1
tiger.woods
Member
 
Registered: Mar 2006
Posts: 122

Rep: Reputation: 15
Logwatch questions...

Everyday I've been seeing the following in the logs, the httpd requests look harmless to me but wanted to get another opinion.

The Secure Login is a little puzzling to me, its thefirst time I've seen it. Does it mean that someone was able to try and log into Webmin and just was denied??

Thanks for any input.

TW,

Quote:
--------------------- httpd Begin ------------------------

82.07 MB transferred in 21224 responses (1xx 0, 2xx 10543, 3xx 10507, 4xx 174, 5xx 0)
1 Images (0.00 MB),
21188 Content pages (82.07 MB),
35 Other (0.00 MB)

Requests with error response codes
401 Unauthorized
/phpmyadmin/scripts/setup.php: 1 Time(s)
404 Not Found
/PMA/scripts/setup.php: 1 Time(s)
/PMA2005/scripts/setup.php: 1 Time(s)
/admin/mysql/scripts/setup.php: 1 Time(s)
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
/myadmin/scripts/setup.php: 1 Time(s)
/mysql-admin/scripts/setup.php: 1 Time(s)
/mysql/scripts/setup.php: 1 Time(s)
/mysqladmin/scripts/setup.php: 1 Time(s)
/mysqlmanager/scripts/setup.php: 1 Time(s)
/nosuichfile.php: 1 Time(s)
/noxdir/nosuichfile.php: 1 Time(s)
/p/m/a/scripts/setup.php: 1 Time(s)
/pHpMy/scripts/setup.php: 1 Time(s)
/pHpMyAdMiN/scripts/setup.php: 1 Time(s)
/php-my-admin/scripts/setup.php: 1 Time(s)
/php-myadmin/scripts/setup.php: 1 Time(s)
/phpMyA/scripts/setup.php: 1 Time(s)
/phpMyAdmi/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.10.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.10/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.11.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.2.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.2.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.3.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.4.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.5-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.5-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.5-rc2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.6-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.6-rc2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.7-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.5.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-alpha/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-alpha2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-beta1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-beta2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-pl2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-pl3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-rc2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0-rc3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1-pl2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1-pl3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1-rc2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.2-beta1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.2-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.2-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.3-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.3-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4-pl2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4-pl3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4-pl4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.6.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.0-beta1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.0-pl1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.0-pl2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.0-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.7.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0-beta1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0-rc2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.0/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.1-rc1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.4/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.5/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.6/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.7/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.8/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.8.9/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.9.1/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2.9.2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-2/scripts/setup.php: 1 Time(s)
/phpMyAdmin-3/scripts/setup.php: 1 Time(s)
/phpMyAdmin-4/scripts/setup.php: 1 Time(s)
/phpMyAdmin/scripts/setup.php: 1 Time(s)
/phpMyAdmin1/scripts/setup.php: 1 Time(s)
/phpMyAdmin2/scripts/setup.php: 1 Time(s)
/phpMyAds/scripts/setup.php: 1 Time(s)
/phpm/scripts/setup.php: 1 Time(s)
/phpmanager/scripts/setup.php: 1 Time(s)
/phpmy-admin/scripts/setup.php: 1 Time(s)
/phpmy/scripts/setup.php: 1 Time(s)
/phpmyad-sys/scripts/setup.php: 1 Time(s)
/phpmyad/scripts/setup.php: 1 Time(s)
/phpmyadmin2/scripts/setup.php: 1 Time(s)
/pma/scripts/setup.php: 1 Time(s)
/pma2005/scripts/setup.php: 1 Time(s)
/scripts/setup.php: 1 Time(s)
/sqladmin/scripts/setup.php: 1 Time(s)
/sqlmanager/scripts/setup.php: 1 Time(s)
/sqlweb/scripts/setup.php: 1 Time(s)
/vhcs2/tools/pma/scripts/setup.php: 1 Time(s)
/web/phpMyAdmin/scripts/setup.php: 1 Time(s)
/webadmin/scripts/setup.php: 1 Time(s)
/webdb/scripts/setup.php: 1 Time(s)
/websql/scripts/setup.php: 1 Time(s)
http://myip:80/mysql/admin/: 1 Time(s)
http://myip:80/mysql/dbadmin/: 1 Time(s)
http://myip:80/mysql/mysqlmanager/: 1 Time(s)
http://myip:80/mysql/sqlmanager/: 1 Time(s)
http://proxyjudge2.proxyfire.net/fastenv: 1 Time(s)
http://www.pitt.edu/~dash/stone3888.jpg: 1 Time(s)
http://www.wantsfly.com/prx2.php: 1 Time(s)
http://zerg.helllabs.net/cgi-bin/textenv.pl: 1 Time(s)

---------------------- httpd End -------------------------

Quote:
--------------------- Connections (secure-log) Begin ------------------------


**Unmatched Entries**
webmin: Timeout of session for username : 3 Time(s)

---------------------- Connections (secure-log) End -------------------------
 
Old 08-10-2010, 12:05 PM   #2
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 250Reputation: 250Reputation: 250
The http 404s are only harmless as long as you don't have the things they are looking for lying around. i.e. /phpmy-admin/scripts/setup.php
Also, it's never a good idea to have mysql accessible from outside the server, keep it to localhost only. If you need for the dbase to be accessible by/from another machine use ssh and public key authentication.

The webmin entry looks like someone was logged in and the session timed out because nothing was transmitted for ages. That is probably part of webmins security (it's been a while since I used it).
 
Old 08-10-2010, 01:59 PM   #3
tiger.woods
Member
 
Registered: Mar 2006
Posts: 122

Original Poster
Rep: Reputation: 15
Thanks for the post.

Quote:
Also, it's never a good idea to have mysql accessible from outside the server, keep it to localhost only.
Was this because you saw something from the log or were you just making a point?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I want to disable logwatch on our RHEL servers to stop the logwatch mail svik Linux - Enterprise 10 08-27-2009 02:51 PM
Does logwatch run automatically? How can I reset logwatch? abefroman Linux - Software 4 06-17-2009 02:17 AM
logwatch I keep getting this help please lildrummerboy Linux - Newbie 1 08-01-2004 01:57 PM
LogWatch exyst Linux - Software 0 03-13-2004 06:04 PM
What's LogWatch and why is it there? Travis86 Linux - Newbie 7 12-27-2002 03:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:58 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration