Date: Fri, 03 Apr 1998 11:42:44 -0800 From: Studded <Studded@san.rr.com> To: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Odd syslog entrys Message-ID: <35253BB4.BC9BC943@san.rr.com>
next in thread | raw e-mail | index | archive | help
A customer wanted me to take a look at some odd syslog entries on his machine. I am guessing that someone connected directly to syslogd and entered the info directly. If this is the case, I would appreciate confirmation and if anyone knows the method I'd like to demonstrate to the customer what happened and show that the leak is plugged. They did not have the -s option enabled on syslogd but I killed it and restarted with that option. Here are the messages: Apr 3 10:25:23 j59.mlk31.jaring.my HELO fuckhead Apr 3 10:25:35 j59.mlk31.jaring.my last message repeated 10 times Apr 3 10:27:40 j59.mlk31.jaring.my last message repeated 4 times Apr 3 10:29:39 j59.mlk31.jaring.my last message repeated 4 times Apr 3 12:48:28 t4o31p25.telia.com GET ../.. Apr 3 12:48:28 t4o31p25.telia.com last message repeated 3 times Apr 3 12:50:22 t4o31p25.telia.com last message repeated 4 times Apr 3 12:59:40 t4o31p25.telia.com last message repeated 20 times Apr 3 13:08:02 t4o31p25.telia.com last message repeated 16 times Thanks for any help, Doug -- *** Chief Operations Officer, DALnet IRC network *** *** Proud operator, designer and maintainer of the world's largest *** Internet Relay Chat server. 5,328 clients and still growing. *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35253BB4.BC9BC943>