Sudden problem with Syslog - missing entries to logs
CentOS 5.6 Server patched to latest, multiple name-based apache virtual hosts. SELinux OFF
Everything was working fine until the other day. I've been making quite a lot of changes so it may well be something I've done, but I can't find out what!
Last night I got the following in my logwatch : -
Requests with error response codes
404 Not Found
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
/favicon.ico: 8 Time(s)
/myadmin/scripts/setup.php: 1 Time(s)
/mysql/scripts/setup.php: 1 Time(s)
/mysqladmin/scripts/setup.php: 1 Time(s)
/phpMyAdmin/scripts/setup.php: 1 Time(s)
/phpadmin/scripts/setup.php: 1 Time(s)
/phpmyadmin/scripts/setup.php: 1 Time(s)
/pma/scripts/setup.php: 1 Time(s)
/scripts/setup.php: 1 Time(s)
/sqlweb/scripts/setup.php: 1 Time(s)
/web/phpMyAdmin/scripts/setup.php: 1 Time(s)
/web/phpmyadmin/scripts/setup.php: 1 Time(s)
/web/scripts/setup.php: 1 Time(s)
/webadmin/scripts/setup.php: 1 Time(s)
/webdb/scripts/setup.php: 1 Time(s)
/websql/scripts/setup.php: 1 Time(s)
The problem is that NONE of my logs, secure, httpd, messages, NONE of them, show any trace of these hacking attempts. They used to show up in secure and apache error logs, but no longer.
Can anyone tell me what I've done wrong or what I should be checking?
Last edited by baldur2630; 05-23-2011 at 01:42 AM.
|