[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?
- Subject: Re: [cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?
- From: Wayne Sagar <wsagar@xxxxxxxx>
- Date: Wed, 25 Apr 2001 21:13:53 -0700
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 06:27 PM 4/25/01 -0500, you wrote:
>Syslog seems to freak out if the log file it's writing to changes. More
>specifically, the inode pointer changes with the way log rotate works. So,
>in order for the log rotate function to work, Syslog will get restarted.
<phew!> Thanks Charile!
I'm still running sort of paranoid here... the other day I just happened to
log on and do a netstat, there was a telnet connection showing ESTABLISHED
and I've got telnet turned off... The connection was gone one second later
and I'm still not sure what it was... an attempted connection that I just
*happened* to see in that brief moment.. or... perhaps a hidden version of
telnet somewhere on the box that someone is using as a back door... ??
All checks have shown nothing out of the ordinary going on with the box..
But I'm looking constantly for anything suspicious.. perhaps a bit too hard.
Some have suggested a ground up rebuild just to be sure and I may yet do
this.. but for now, I'll keep watching like a hawk and hope for the best.
Thanks for the response and helping me put this little system "glitch" to
bed... !!
Wayne Sagar