why LogWatch send me a mail
James Kosin
jkosin at beta.intcomgrp.com
Thu Sep 9 13:21:34 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Roberto Felloni wrote:
| Hi to all.
|
| Sorry if I ask stupid thing...
| I'm newer of Linux; I'm windows user and to understand linux behaviour
| is for me too hard.
|
| At any boot, LogWatch send me a mail with some information than I
| don't understand:
This sendmail section is no big deal. It is just a warming that TLS is
nor completely setup. I understand this is normal for FC2. You can
safely ignore this one, the default configuration should be secure enough.
| --------------------- sendmail Begin ------------------------
| **Unmatched Entries**
| STARTTLS=server: file /etc/mail/certs/cert.pem unsafe: No such file
| or directory: 1 Time(s)
| ---------------------- sendmail End -------------------------
This one is for the SSHD (secure shell) like telnet. It is just saying
that the deamon is already running. If this is a workstation or you
don't need access just turn off this service. There have been several
attacks lately on this port.
| --------------------- SSHD Begin ------------------------
| SSHD Started: 1 Time(s)
| Failed to bind:
| 0.0.0.0 port 22 (Address already in use) : 1 Time(s)
| ---------------------- SSHD End -------------------------
This section is the free disk space and useage. Monitor it closely to
make sure you don't run out of space. Any big changes here usually mean
someone is putting a very large file on the computer or something BIG is
about to happen. I usually make sure that I have space in the /var
partition, If I created a different one for that. Most temporary stuff
like logfiles, spool files, etc. are under /var.
| ------------------ Disk Space --------------------
| Filesystem Size Used Avail Use% Mounted on
| /dev/hdc2 878M 156M 678M 19% /
| /dev/hda1 76M 5.9M 67M 9% /boot
| /dev/hda2 8.6G 113M 8.1G 2% /home
| none 126M 0 126M 0% /dev/shm
| /dev/hda3 3.9G 2.6G 1.1G 71% /usr
| /dev/hdd1 2.0G 152M 1.8G 8% /var
|
|
| Someone understand what's mean ?
| Someone can give a right way to decode this message and for to
| understand log files ?
Just watch the logs for anything unusual. If you want to look at the
raw logfiles you can start in /var/log and its sub-trees.
|
| Best regard and thank's in advantage
| roberto
|
|
Have Fun!
James Kosin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBQFjec7lFLjBWKW0RAk9UAJ93ytxU597ul2CGHoSuB4QFJ/38TgCfQWP1
YOx1uvNyjn/9YxuZ/GuRs2M=
=TBvE
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list