AIX syslog Samples

Read March 14, 2005, 06:57:43 pm #0
kamalahmed

AIX syslog Samples

Hi,
Does anyone have AIX syslog samples? I would appreciate it if you would send them to me @
I want to confirm if the following log is standard or not:


----
Feb  7 18:46:17 ppaix syslogd: restart
Feb  7 18:48:55 ppaix syslog: ifconfig -a
Feb  7 18:51:33 ppaix telnetd[6348]: usage: telnetd [-n] [-s] [-a]
Feb  7 18:51:33 ppaix last message repeated 4 times
Feb  7 18:51:33 ppaix telnetd[6348]: setsockopt (SO_KEEPALIVE): The specified file descriptor is not a socket.
Feb  7 18:51:39 ppaix telnetd[6350]: setsockopt (SO_KEEPALIVE): The specified file descriptor is not a socket.
Feb  7 18:51:39 ppaix telnetd[6350]: setsockopt (SO_SO_DEBUG): The specified file descriptor is not a socket.
Feb  7 18:51:43 ppaix telnetd[6352]: setsockopt (SO_KEEPALIVE): The specified file descriptor is not a socket.
Feb  7 18:51:47 ppaix telnetd[6354]: setsockopt (SO_KEEPALIVE): The specified file descriptor is not a socket.
Feb  7 19:08:17 ppaix sshd[6176]: Accepted password for root from 172.16.2.78 port 32816 ssh2
Feb  7 19:17:37 ppaix syslog: pts/2: failed login attempt for root from 172.16.4.61
Feb  7 19:17:51 ppaix pplogin3.0.0-9: 1 LOGIN FAILURE FROM 172.16.4.61, root
Feb  7 19:17:51 ppaix pplogin3.0.0-9: 3722 Symark-mailer: 'Symark PowerPassword pplogin 3.0.0-9 INTRUDER alert' sent to 172.16.2.75 at 01/07/2005 19:17:51.
Feb  7 19:17:51 ppaix pplogin3.0.0-9: 3722 Symark-mailer: 'Symark PowerPassword pplogin 3.0.0-9 INTRUDER alert' sent to 172.16.2.75 at 01/07/2005 19:17:51.
Feb  7 19:20:39 ppaix syslog: pts/2: failed login attempt for UNKNOWN_USER from 172.16.2.23
Feb  7 19:20:41 ppaix syslog: pts/2: failed login attempt for UNKNOWN_USER from 172.16.2.23
Feb  7 19:20:51 ppaix syslog: pts/2: failed login attempt for root from 172.16.2.23

----
Kamal.Ahmed@esecurity.net

Thanks,

-Kamal.
Read March 14, 2005, 09:32:12 pm #1
mutex

RE: AIX syslog Samples

Is this an internally facing system?  Looks like strange things are happening.
Read April 29, 2005, 03:39:34 pm #2
mutex

RE: AIX syslog Samples

As it turns out, this is actually a problem in the way ssh references the password file on AIX. When someone tries to log in with a username that doesn't exist, UNKNOWN_USER is substituted. So, this means that someone is trying to ssh in to your system with a username that does not exist.
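Added example, not part of any post in this thread: a small parser for the syslog lines quoted in the first post that tallies failed logins per source address and separates `UNKNOWN_USER` entries (per the last reply, usernames that do not exist on the host) from failures against real accounts. The function names and the threshold of 2 are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Lines copied from the sample posted in the thread (not new data).
SAMPLE = """\
Feb  7 18:51:33 ppaix last message repeated 4 times
Feb  7 19:08:17 ppaix sshd[6176]: Accepted password for root from 172.16.2.78 port 32816 ssh2
Feb  7 19:17:37 ppaix syslog: pts/2: failed login attempt for root from 172.16.4.61
Feb  7 19:17:51 ppaix pplogin3.0.0-9: 1 LOGIN FAILURE FROM 172.16.4.61, root
Feb  7 19:20:39 ppaix syslog: pts/2: failed login attempt for UNKNOWN_USER from 172.16.2.23
Feb  7 19:20:41 ppaix syslog: pts/2: failed login attempt for UNKNOWN_USER from 172.16.2.23
Feb  7 19:20:51 ppaix syslog: pts/2: failed login attempt for root from 172.16.2.23
"""

# BSD-style header "Mmm dd hh:mm:ss host", then an optional "tag[pid]:" and the message.
HEADER = re.compile(r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) (?P<rest>.*)$")
TAGGED = re.compile(r"^(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")
# Only the "failed login attempt" format is counted; the pplogin line is left out.
FAILED = re.compile(r"failed login attempt for (?P<user>\S+) from (?P<src>\S+)$")

def parse_line(line):
    """Return dict with ts, host, tag, pid, msg; None if the header does not match."""
    h = HEADER.match(line)
    if not h:
        return None
    t = TAGGED.match(h["rest"])
    # Lines such as "last message repeated 4 times" carry no tag at all.
    tag, pid, msg = (t["tag"], t["pid"], t["msg"]) if t else (None, None, h["rest"])
    return {"ts": h["ts"], "host": h["host"], "tag": tag, "pid": pid, "msg": msg}

def failed_logins_by_source(text):
    """Map source address -> {"unknown": n, "named": {user: n}} for failed logins."""
    out = defaultdict(lambda: {"unknown": 0, "named": defaultdict(int)})
    for line in text.splitlines():
        rec = parse_line(line)
        m = rec and FAILED.search(rec["msg"])
        if not m:
            continue
        if m["user"] == "UNKNOWN_USER":  # attempted name was not a local account
            out[m["src"]]["unknown"] += 1
        else:
            out[m["src"]]["named"][m["user"]] += 1
    return out

def sources_guessing_names(text, threshold=2):
    """Sources with at least `threshold` failures for nonexistent usernames."""
    return sorted(s for s, c in failed_logins_by_source(text).items() if c["unknown"] >= threshold)
```

On the thread's sample this singles out 172.16.2.23, which failed twice with nonexistent usernames and once as root within twelve seconds.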