zgrepping /var/log/* for these services found no other instances.
Could this have been a rogue web page javascript attack? Can someone help me understand what may have happened? Should I be concerned? It does look like nothing actually completed successfully.
Linux spike 2.4.25-1-686 #3 Wed Apr 14 21:56:44 EST 2004 i686 GNU/Linux ~$ cat /etc/debian_version testing/unstable
Thanks!
Ralph
/var/log/daemon.log
Jun 25 14:47:35 spike in.qpopper[3690]: warning: can't get client address: Connection reset by peer
Jun 25 14:47:35 spike imapd[3692]: warning: can't get client address: Connection reset by peer
Jun 25 14:47:35 spike imapd[3694]: warning: can't get client address: Connection reset by peer
Jun 25 14:47:35 spike identd[3693]: started
Jun 25 14:47:35 spike identd[3693]: s_getpeername(10): Transport endpoint is not connected
Jun 25 14:47:35 spike imapd[3692]: connect from unknown
Jun 25 14:47:35 spike in.qpopper[3690]: connect from unknown
Jun 25 14:47:35 spike imapd[3694]: connect from unknown
Jun 25 15:24:11 spike imapd[3738]: warning: can't get client address: Connection reset by peer
Jun 25 15:24:11 spike imapd[3738]: connect from unknown
Jun 25 15:24:11 spike in.qpopper[3741]: warning: can't get client address: Connection reset by peer
Jun 25 15:24:11 spike in.qpopper[3741]: connect from unknown
Jun 25 15:24:11 spike imapd[3743]: warning: can't get client address: Connection reset by peer
Jun 25 15:24:11 spike imapd[3743]: connect from unknown
Jun 25 15:24:11 spike identd[3742]: started
Jun 25 15:24:11 spike identd[3742]: s_getpeername(10): Transport endpoint is not connected
Jun 25 15:24:13 spike imapd[3754]: connect from 127.0.0.1
Jun 25 15:24:13 spike imapd[3755]: connect from 127.0.0.1
Jun 25 15:24:13 spike in.qpopper[3756]: connect from 127.0.0.1
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 218762506 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1195725856 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1330664521 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1330664521 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length -2147483608 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1966086 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 786432 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1212501072 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 369295360 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: bad message (no request id)
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1811942144 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 23356774 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 806093313 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1414417744 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 50331659 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 1148019796 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 973078528 bytes exceeds max of 4136.
Jun 25 15:24:18 spike fam[3740]: fd 4 message length 16777469 bytes exceeds max of 4136.
Jun 25 15:24:18 spike imapd[3760]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3762]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3763]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3764]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3765]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3766]: connect from 127.0.0.1
Jun 25 15:24:23 spike imapd[3767]: connect from 127.0.0.1
Jun 25 15:24:28 spike imapd[3769]: connect from 127.0.0.1
Jun 25 15:24:28 spike imapd[3770]: connect from 127.0.0.1
/var/log/mail.log
Jun 25 14:47:36 spike in.qpopper[3690]: Unable to obtain socket and address of client: Transport endpoint is not connected (107) [pop_init.c:1062]
Jun 25 14:47:36 spike imapd[3692]: imaps SSL service init from UNKNOWN
Jun 25 14:47:36 spike imapd[3694]: imap service init from UNKNOWN
Jun 25 14:47:36 spike imapd[3692]: Command stream end of file, while reading line user=??? host=UNKNOWN
Jun 25 15:24:11 spike imapd[3738]: imaps SSL service init from UNKNOWN
Jun 25 15:24:11 spike imapd[3743]: imap service init from UNKNOWN
Jun 25 15:24:11 spike in.qpopper[3741]: Unable to obtain socket and address of client: Transport endpoint is not connected (107) [pop_init.c:1062]
Jun 25 15:24:12 spike imapd[3738]: Command stream end of file, while reading line user=??? host=UNKNOWN
Jun 25 15:24:13 spike imapd[3754]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:13 spike imapd[3755]: imap service init from 127.0.0.1
Jun 25 15:24:13 spike in.qpopper[3756]: (null) at spike (127.0.0.1): -ERR POP EOF or I/O Error [popper.c:820]
Jun 25 15:24:13 spike in.qpopper[3756]: I/O error flushing output to client at spike [127.0.0.1]: Broken pipe (32) [pop_send.c:689]
Jun 25 15:24:13 spike imapd[3755]: Command stream end of file, while reading line user=??? host=spike [127.0.0.1]
Jun 25 15:24:18 spike imapd[3754]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:18 spike imapd[3754]: SSL error status: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
Jun 25 15:24:18 spike imapd[3760]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3762]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3762]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3760]: Command stream end of file, while reading line user=??? host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3762]: SSL error status: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jun 25 15:24:23 spike imapd[3763]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3763]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3763]: SSL error status: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jun 25 15:24:23 spike imapd[3764]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3764]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3764]: SSL error status: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jun 25 15:24:23 spike imapd[3765]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3765]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3765]: SSL error status: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jun 25 15:24:23 spike imapd[3766]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:23 spike imapd[3766]: Unable to accept SSL connection, host=spike [127.0.0.1]
Jun 25 15:24:23 spike imapd[3766]: SSL error status: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jun 25 15:24:23 spike imapd[3767]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:28 spike imapd[3769]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:28 spike imapd[3767]: Command stream end of file, while reading line user=??? host=spike [127.0.0.1]
Jun 25 15:24:28 spike imapd[3769]: Command stream end of file, while reading line user=??? host=spike [127.0.0.1]
Jun 25 15:24:28 spike imapd[3770]: imaps SSL service init from 127.0.0.1
Jun 25 15:24:28 spike imapd[3770]: Command stream end of file, while reading line user=??? host=UNKNOWN
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]