These logs are sent to root, which is forwarded to postmaster.
We have no unix machines or amd processors. Can anyone tell me what the
attached logs are?
Ralph Williams
http://www.wcnet.net
979-543-9111 or 800-569-3464
Received: from SMTP32-FWD by wcn4.wcnet.net
(SMTP32) id A00000131; Wed, 26 Jul 2000 20:48:16 -0500
Received: from loco.localdomain [216.88.253.234] by wcn4.wcnet.net
(SMTPD32-6.03) id A4D918D30038; Wed, 26 Jul 2000 20:48:09 -0500
Received: by loco.localdomain (Postfix, from userid 0)
id 8B11C46C; Wed, 26 Jul 2000 02:05:42 +0000 (GMT)
source_rc_confs: not found
Subject: loco.localdomain daily run output
Message-Id: <[EMAIL PROTECTED]>
Date: Wed, 26 Jul 2000 02:05:42 +0000 (GMT)
From: [EMAIL PROTECTED] (Charlie Root)
X-UIDL: 264373044
Status: U
Removing stale files from /var/preserve:
Cleaning out old system announcements:
Removing stale files from /var/rwho:
Backup passwd and group files:
Verifying group file syntax:
Backing up mail aliases:
Disk status:
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/ad0s1a 49583 42029 3588 92% /
/dev/ad0s1f 9378923 3114711 5513899 36% /usr
/dev/ad0s1e 19815 8621 9609 47% /var
procfs 4 4 0 100% /proc
Last dump(s) done (Dump '>' file systems):
UUCP status:
Network interface status:
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
xl0* 1500 <Link#1> 00:50:04:d2:95:67 0 0 0 0 0
ppp0* 1500 <Link#2> 0 0 0 0 0
lo0 16384 <Link#3> 0 0 0 0 0
lo0 16384 127 loco 0 0 0 0 0
tun0* 1500 <Link#4> 1479 0 1384 0 0
Local system status:
1:59AM up 3:05, 1 user, load averages: 0.00, 0.00, 0.00
Mail in local queue:
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
1A9CF452 678 Tue Jul 25 22:54:05 [EMAIL PROTECTED]
(Name service error for domain mail.wcnet.net: Host not found, try again)
[EMAIL PROTECTED]
05770448 678 Tue Jul 25 22:54:05 [EMAIL PROTECTED]
(Name service error for domain mail.wcnet.net: Host not found, try again)
[EMAIL PROTECTED]
E341E459 678 Tue Jul 25 22:54:05 [EMAIL PROTECTED]
(Name service error for domain mail.wcnet.net: Host not found, try again)
[EMAIL PROTECTED]
6C6D2457 678 Tue Jul 25 22:54:05 [EMAIL PROTECTED]
(Name service error for domain mail.wcnet.net: Host not found, try again)
[EMAIL PROTECTED]
580C845F 678 Tue Jul 25 22:54:05 [EMAIL PROTECTED]
(Name service error for domain mail.wcnet.net: Host not found, try again)
[EMAIL PROTECTED]
-- 3 Kbytes in 5 Requests.
Security check:
(output mailed separately)
Checking for rejected mail hosts:
Received: from SMTP32-FWD by wcn4.wcnet.net
(SMTP32) id A00000080; Wed, 26 Jul 2000 20:48:18 -0500
Received: from loco.localdomain [216.88.253.234] by wcn4.wcnet.net
(SMTPD32-6.03) id A4D93B820090; Wed, 26 Jul 2000 20:48:09 -0500
Received: by loco.localdomain (Postfix, from userid 0)
id 3807E3D1; Wed, 26 Jul 2000 02:05:42 +0000 (GMT)
Subject: loco.localdomain security check output
Message-Id: <[EMAIL PROTECTED]>
Date: Wed, 26 Jul 2000 02:05:42 +0000 (GMT)
From: [EMAIL PROTECTED] (Charlie Root)
X-UIDL: 264373045
Status: U
checking setuid files and devices:
loco.localdomain setuid diffs:
1,12c1,12
< -r-xr-sr-x 1 root operator 56224 Jul 3 14:41:10 2000 /bin/df
< -r-sr-xr-x 1 root wheel 239600 Jul 3 14:41:15 2000 /bin/rcp
< -r-xr-sr-x 1 root kmem 61984 Jul 3 14:42:21 2000 /sbin/ccdconfig
< -r-xr-sr-x 1 root kmem 68220 Jul 3 14:42:23 2000 /sbin/dmesg
< -r-xr-sr-x 2 root tty 254704 Jul 3 14:42:23 2000 /sbin/dump
< -r-sr-xr-x 1 root wheel 193500 Jul 3 14:42:36 2000 /sbin/ping
< -r-sr-xr-x 1 root wheel 171304 Jul 3 14:42:37 2000 /sbin/ping6
< -r-xr-sr-x 2 root tty 254704 Jul 3 14:42:23 2000 /sbin/rdump
< -r-xr-sr-x 2 root tty 280980 Jul 3 14:42:38 2000 /sbin/restore
< -r-sr-xr-x 1 root wheel 189960 Jul 3 14:42:38 2000 /sbin/route
< -r-xr-sr-x 2 root tty 280980 Jul 3 14:42:38 2000 /sbin/rrestore
< -r-sr-x--- 1 root operator 162712 Jul 3 14:42:40 2000 /sbin/shutdown
---
> -r-xr-sr-x 1 root operator 56996 Jul 26 00:43:44 2000 /bin/df
> -r-sr-xr-x 1 root wheel 242164 Jul 26 00:43:49 2000 /bin/rcp
> -r-xr-sr-x 1 root kmem 62824 Jul 26 00:45:02 2000 /sbin/ccdconfig
> -r-xr-sr-x 1 root kmem 69196 Jul 26 00:45:04 2000 /sbin/dmesg
> -r-xr-sr-x 2 root tty 257396 Jul 26 00:45:04 2000 /sbin/dump
> -r-sr-xr-x 1 root wheel 195956 Jul 26 00:45:19 2000 /sbin/ping
> -r-sr-xr-x 1 root bin 191152 Jul 26 00:45:19 2000 /sbin/ping6
> -r-xr-sr-x 2 root tty 257396 Jul 26 00:45:04 2000 /sbin/rdump
> -r-xr-sr-x 2 root tty 283728 Jul 26 00:45:21 2000 /sbin/restore
> -r-sr-xr-x 1 root wheel 192032 Jul 26 00:45:21 2000 /sbin/route
> -r-xr-sr-x 2 root tty 283728 Jul 26 00:45:21 2000 /sbin/rrestore
> -r-sr-x--- 1 root operator 164556 Jul 26 00:45:23 2000 /sbin/shutdown
17,42c17,42
< -r-sr-xr-x 4 root wheel 19084 Jul 3 14:44:08 2000 /usr/bin/at
< -r-sr-xr-x 4 root wheel 19084 Jul 3 14:44:08 2000 /usr/bin/atq
< -r-sr-xr-x 4 root wheel 19084 Jul 3 14:44:08 2000 /usr/bin/atrm
< -r-sr-xr-x 4 root wheel 19084 Jul 3 14:44:08 2000 /usr/bin/batch
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/chfn
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/chpass
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/chsh
< -r-sr-xr-x 1 root wheel 23712 Jul 3 14:45:05 2000 /usr/bin/crontab
< -r-sr-sr-x 1 uucp dialer 122184 Jul 3 14:41:26 2000 /usr/bin/cu
< -r-xr-sr-x 1 root kmem 12708 Jul 3 14:44:17 2000 /usr/bin/fstat
< -r-xr-sr-x 1 root kmem 9456 Jul 3 14:44:22 2000 /usr/bin/ipcs
< -r-sr-xr-x 1 root wheel 510 Jul 3 14:44:23 2000 /usr/bin/keyinfo
< -r-sr-xr-x 1 root wheel 7056 Jul 3 14:44:23 2000 /usr/bin/keyinit
< -r-sr-xr-x 1 root wheel 6616 Jul 3 14:44:27 2000 /usr/bin/lock
< -r-sr-xr-x 1 root wheel 19332 Jul 3 14:44:28 2000 /usr/bin/login
< -r-sr-sr-x 1 root daemon 19572 Jul 3 14:45:38 2000 /usr/bin/lpq
< -r-sr-sr-x 1 root daemon 22772 Jul 3 14:45:38 2000 /usr/bin/lpr
< -r-sr-sr-x 1 root daemon 18892 Jul 3 14:45:39 2000 /usr/bin/lprm
< -r-sr-xr-x 1 man wheel 28088 Jul 3 14:42:00 2000 /usr/bin/man
< -r-xr-sr-x 1 root kmem 76720 Jul 3 14:44:33 2000 /usr/bin/netstat
< -r-xr-sr-x 1 root kmem 9484 Jul 3 14:44:33 2000 /usr/bin/nfsstat
< -r-sr-xr-x 2 root wheel 25972 Jul 3 14:44:35 2000 /usr/bin/passwd
< -r-sr-xr-x 1 root wheel 10064 Jul 3 14:44:36 2000 /usr/bin/quota
< -r-sr-xr-x 1 root wheel 9808 Jul 3 14:44:36 2000 /usr/bin/rlogin
< -r-sr-xr-x 1 root wheel 7164 Jul 3 14:44:37 2000 /usr/bin/rsh
< -r-sr-xr-x 2 root wheel 146348 Jul 3 14:45:59 2000 /usr/bin/slogin
---
> -r-sr-xr-x 4 root wheel 19324 Jul 26 00:46:31 2000 /usr/bin/at
> -r-sr-xr-x 4 root wheel 19324 Jul 26 00:46:31 2000 /usr/bin/atq
> -r-sr-xr-x 4 root wheel 19324 Jul 26 00:46:31 2000 /usr/bin/atrm
> -r-sr-xr-x 4 root wheel 19324 Jul 26 00:46:31 2000 /usr/bin/batch
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/chfn
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/chpass
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/chsh
> -r-sr-xr-x 1 root wheel 23912 Jul 26 00:47:30 2000 /usr/bin/crontab
> -r-sr-sr-x 1 uucp dialer 123456 Jul 26 00:44:02 2000 /usr/bin/cu
> -r-xr-sr-x 1 root kmem 12900 Jul 26 00:46:41 2000 /usr/bin/fstat
> -r-xr-sr-x 1 root kmem 9624 Jul 26 00:46:43 2000 /usr/bin/ipcs
> -r-sr-xr-x 1 root wheel 510 Jul 26 00:46:45 2000 /usr/bin/keyinfo
> -r-sr-xr-x 1 root wheel 7232 Jul 26 00:46:45 2000 /usr/bin/keyinit
> -r-sr-xr-x 1 root wheel 6792 Jul 26 00:46:49 2000 /usr/bin/lock
> -r-sr-xr-x 1 root wheel 19556 Jul 26 00:46:50 2000 /usr/bin/login
> -r-sr-sr-x 1 root daemon 19796 Jul 26 00:48:04 2000 /usr/bin/lpq
> -r-sr-sr-x 1 root daemon 22996 Jul 26 00:48:04 2000 /usr/bin/lpr
> -r-sr-sr-x 1 root daemon 19132 Jul 26 00:48:04 2000 /usr/bin/lprm
> -r-sr-xr-x 1 man wheel 28304 Jul 26 00:44:39 2000 /usr/bin/man
> -r-xr-sr-x 1 root kmem 84448 Jul 26 00:46:56 2000 /usr/bin/netstat
> -r-xr-sr-x 1 root kmem 9660 Jul 26 00:46:56 2000 /usr/bin/nfsstat
> -r-sr-xr-x 2 root wheel 26260 Jul 26 00:46:58 2000 /usr/bin/passwd
> -r-sr-xr-x 1 root wheel 10232 Jul 26 00:46:58 2000 /usr/bin/quota
> -r-sr-xr-x 1 root wheel 9976 Jul 26 00:46:59 2000 /usr/bin/rlogin
> -r-sr-xr-x 1 root wheel 7372 Jul 26 00:47:00 2000 /usr/bin/rsh
> -r-sr-xr-x 2 root wheel 146972 Jul 26 00:48:26 2000 /usr/bin/slogin
44,45c44,45
< -r-sr-xr-x 2 root wheel 146348 Jul 3 14:45:59 2000 /usr/bin/ssh
< -r-sr-xr-x 1 root wheel 7760 Jul 3 14:44:39 2000 /usr/bin/su
---
> -r-sr-xr-x 2 root wheel 146972 Jul 26 00:48:26 2000 /usr/bin/ssh
> -r-sr-xr-x 1 root wheel 7960 Jul 26 00:47:02 2000 /usr/bin/su
47,63c47,63
< -r-xr-sr-x 1 root kmem 56032 Jul 3 14:44:40 2000 /usr/bin/systat
< -r-xr-sr-x 1 root kmem 31872 Jul 3 14:44:41 2000 /usr/bin/top
< -r-sr-xr-x 1 uucp wheel 86712 Jul 3 14:41:27 2000 /usr/bin/uucp
< -r-sr-xr-x 1 uucp wheel 36348 Jul 3 14:41:28 2000 /usr/bin/uuname
< -r-sr-sr-x 1 uucp dialer 95260 Jul 3 14:41:28 2000 /usr/bin/uustat
< -r-sr-xr-x 1 uucp wheel 87344 Jul 3 14:41:29 2000 /usr/bin/uux
< -r-xr-sr-x 1 root kmem 16192 Jul 3 14:44:47 2000 /usr/bin/vmstat
< -r-xr-sr-x 1 root tty 8620 Jul 3 14:44:47 2000 /usr/bin/wall
< -r-xr-sr-x 1 root tty 7112 Jul 3 14:44:49 2000 /usr/bin/write
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/ypchfn
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/ypchpass
< -r-sr-xr-x 6 root wheel 31652 Jul 3 14:44:11 2000 /usr/bin/ypchsh
< -r-sr-xr-x 2 root wheel 25972 Jul 3 14:44:35 2000 /usr/bin/yppasswd
< -r-sr-xr-x 1 root wheel 15980 Jul 3 14:42:18 2000 /usr/libexec/mail.local
< -r-sr-xr-x 1 root wheel 315788 Jul 3 14:45:41 2000
/usr/libexec/sendmail/sendmail
< -r-sr-sr-x 1 uucp dialer 218492 Jul 3 14:41:27 2000 /usr/libexec/uucp/uucico
< -r-sr-s--- 1 uucp uucp 97964 Jul 3 14:41:29 2000 /usr/libexec/uucp/uuxqt
---
> -r-xr-sr-x 1 root kmem 56392 Jul 26 00:47:02 2000 /usr/bin/systat
> -r-xr-sr-x 1 root kmem 32136 Jul 26 00:47:04 2000 /usr/bin/top
> -r-sr-xr-x 1 uucp wheel 87984 Jul 26 00:44:03 2000 /usr/bin/uucp
> -r-sr-xr-x 1 uucp wheel 37100 Jul 26 00:44:04 2000 /usr/bin/uuname
> -r-sr-sr-x 1 uucp dialer 96540 Jul 26 00:44:04 2000 /usr/bin/uustat
> -r-sr-xr-x 1 uucp wheel 88600 Jul 26 00:44:05 2000 /usr/bin/uux
> -r-xr-sr-x 1 root kmem 16392 Jul 26 00:47:10 2000 /usr/bin/vmstat
> -r-xr-sr-x 1 root tty 8796 Jul 26 00:47:10 2000 /usr/bin/wall
> -r-xr-sr-x 1 root tty 7288 Jul 26 00:47:12 2000 /usr/bin/write
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/ypchfn
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/ypchpass
> -r-sr-xr-x 6 root wheel 31972 Jul 26 00:46:34 2000 /usr/bin/ypchsh
> -r-sr-xr-x 2 root wheel 26260 Jul 26 00:46:58 2000 /usr/bin/yppasswd
> -r-sr-xr-x 1 root wheel 16156 Jul 26 00:44:58 2000 /usr/libexec/mail.local
> -r-sr-xr-x 1 root wheel 316348 Jul 26 00:48:07 2000
>/usr/libexec/sendmail/sendmail
> -r-sr-sr-x 1 uucp dialer 220460 Jul 26 00:44:02 2000 /usr/libexec/uucp/uucico
> -r-sr-s--- 1 uucp uucp 99340 Jul 26 00:44:05 2000 /usr/libexec/uucp/uuxqt
95,108c95,108
< -r-xr-sr-x 1 root kmem 4032 Jul 3 14:45:08 2000 /usr/sbin/ifmcstat
< -r-xr-sr-x 1 root kmem 9924 Jul 3 14:45:08 2000 /usr/sbin/iostat
< -r-xr-sr-x 1 root daemon 26536 Jul 3 14:45:38 2000 /usr/sbin/lpc
< -r-sr-xr-x 1 root wheel 15920 Jul 3 14:45:12 2000 /usr/sbin/mrinfo
< -r-sr-xr-x 1 root wheel 29584 Jul 3 14:45:12 2000 /usr/sbin/mtrace
< -r-sr-xr-- 1 root network 276652 Jul 3 14:45:21 2000 /usr/sbin/ppp
< -r-sr-xr-x 1 root wheel 95736 Jul 3 14:45:22 2000 /usr/sbin/pppd
< -r-xr-sr-x 2 root kmem 14160 Jul 3 14:45:23 2000 /usr/sbin/pstat
< -r-sr-x--- 1 root network 10608 Jul 3 14:45:27 2000 /usr/sbin/sliplogin
< -r-xr-sr-x 2 root kmem 14160 Jul 3 14:45:23 2000 /usr/sbin/swapinfo
< -r-sr-xr-x 1 root wheel 14676 Jul 3 14:45:30 2000 /usr/sbin/timedc
< -r-sr-xr-x 1 root wheel 12868 Jul 3 14:45:30 2000 /usr/sbin/traceroute
< -r-sr-xr-x 1 root bin 13388 Jul 3 14:45:30 2000 /usr/sbin/traceroute6
< -r-xr-sr-x 1 root kmem 7632 Jul 3 14:45:30 2000 /usr/sbin/trpt
---
> -r-xr-sr-x 1 root kmem 4456 Jul 26 00:47:32 2000 /usr/sbin/ifmcstat
> -r-xr-sr-x 1 root kmem 10116 Jul 26 00:47:32 2000 /usr/sbin/iostat
> -r-xr-sr-x 1 root daemon 26784 Jul 26 00:48:04 2000 /usr/sbin/lpc
> -r-sr-xr-x 1 root wheel 16136 Jul 26 00:47:37 2000 /usr/sbin/mrinfo
> -r-sr-xr-x 1 root wheel 29752 Jul 26 00:47:37 2000 /usr/sbin/mtrace
> -r-sr-xr-- 1 root network 277500 Jul 26 00:47:47 2000 /usr/sbin/ppp
> -r-sr-xr-x 1 root wheel 96080 Jul 26 00:47:48 2000 /usr/sbin/pppd
> -r-xr-sr-x 2 root kmem 14368 Jul 26 00:47:49 2000 /usr/sbin/pstat
> -r-sr-x--- 1 root network 10776 Jul 26 00:47:54 2000 /usr/sbin/sliplogin
> -r-xr-sr-x 2 root kmem 14368 Jul 26 00:47:49 2000 /usr/sbin/swapinfo
> -r-sr-xr-x 1 root wheel 14900 Jul 26 00:47:58 2000 /usr/sbin/timedc
> -r-sr-xr-x 1 root wheel 12924 Jul 26 00:47:58 2000 /usr/sbin/traceroute
> -r-sr-xr-x 1 root bin 14776 Jul 26 00:47:58 2000 /usr/sbin/traceroute6
> -r-xr-sr-x 1 root kmem 7832 Jul 26 00:47:58 2000 /usr/sbin/trpt
checking for uids of 0:
root 0
toor 0
checking for passwordless accounts:
loco.localdomain kernel log messages:
> Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
> FreeBSD 4.1-RC #0: Mon Jul 17 07:40:20 GMT 2000
> [EMAIL PROTECTED]:/usr/src/sys/compile/LOCO
> CPU: AMD-K6(tm) 3D processor (451.02-MHz 586-class CPU)
> avail memory = 127606784 (124616K bytes)
> Preloaded elf kernel "kernel" at 0xc02d8000.
loco.localdomain login failures:
loco.localdomain refused connections:
Received: from SMTP32-FWD by wcn4.wcnet.net
(SMTP32) id A0000013A; Wed, 26 Jul 2000 21:21:29 -0500
Received: from loco.localdomain [216.88.253.234] by wcn4.wcnet.net
(SMTPD32-6.03) id ACA5B4070102; Wed, 26 Jul 2000 21:21:25 -0500
Received: by loco.localdomain (Postfix, from userid 0)
id CB2AE473; Wed, 26 Jul 2000 08:27:02 +0000 (GMT)
X-vi-recover-file: menu
X-vi-recover-path: /var/tmp/vi.recover/vi.vLJ655
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Nvi recovery program)
To: [EMAIL PROTECTED]
Subject: Nvi saved the file menu
Precedence: bulk
Message-Id: <[EMAIL PROTECTED]>
Date: Wed, 26 Jul 2000 08:27:02 +0000 (GMT)
X-UIDL: 264373046
Status: U
On Sat Jun 3 22:59:50 2000, the user root was editing a
file named menu on the machine loco.localdomain, when it was
saved for recovery. You can recover most, if not all, of the
changes to this file using the -r option to vi:
vi -r menu
