why LogWatch send me a mail

James Kosin jkosin at beta.intcomgrp.com
Thu Sep 9 13:21:34 UTC 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Roberto Felloni wrote:
| Hi to all.
|
| Sorry if I ask stupid thing...
| I'm newer of Linux; I'm windows user and to understand linux behaviour
| is for me too hard.
|
| At any boot, LogWatch send me a mail with some information than I
| don't understand:

This sendmail section is no big deal.  It is just a warming that TLS is
nor completely setup.  I understand this is normal for FC2.  You can
safely ignore this one, the default configuration should be secure enough.

|  --------------------- sendmail Begin ------------------------
| **Unmatched Entries**
|    STARTTLS=server: file /etc/mail/certs/cert.pem unsafe: No such file
| or directory: 1 Time(s)
|  ---------------------- sendmail End -------------------------

This one is for the SSHD (secure shell) like telnet.  It is just saying
that the deamon is already running.  If this is a workstation or you
don't need access just turn off this service.  There have been several
attacks lately on this port.

|  --------------------- SSHD Begin ------------------------
| SSHD Started: 1 Time(s)
| Failed to bind:
|    0.0.0.0 port 22 (Address already in use) : 1 Time(s)
|  ---------------------- SSHD End -------------------------

This section is the free disk space and useage.  Monitor it closely to
make sure you don't run out of space.  Any big changes here usually mean
someone is putting a very large file on the computer or something BIG is
about to happen.  I usually make sure that I have space in the /var
partition, If I created a different one for that.  Most temporary stuff
like logfiles, spool files, etc. are under /var.


| ------------------ Disk Space --------------------
| Filesystem            Size  Used Avail Use% Mounted on
| /dev/hdc2             878M  156M  678M  19% /
| /dev/hda1              76M  5.9M   67M   9% /boot
| /dev/hda2             8.6G  113M  8.1G   2% /home
| none                  126M     0  126M   0% /dev/shm
| /dev/hda3             3.9G  2.6G  1.1G  71% /usr
| /dev/hdd1             2.0G  152M  1.8G   8% /var
|
|
| Someone understand what's mean ?
| Someone can give a right way to decode this message and for to
| understand log files ?

Just watch the logs for anything unusual.  If you want to look at the
raw logfiles you can start in /var/log and its sub-trees.

|
| Best regard and thank's in advantage
| roberto
|
|

Have Fun!
James Kosin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBQFjec7lFLjBWKW0RAk9UAJ93ytxU597ul2CGHoSuB4QFJ/38TgCfQWP1
YOx1uvNyjn/9YxuZ/GuRs2M=
=TBvE
-----END PGP SIGNATURE-----

More information about the fedora-list mailing list