Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.112
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
share /
logwatch /
scripts /
services /
Delete
Unzip
Name
Size
Permission
Date
Action
afpd
3.84
KB
-rwxr-xr-x
2017-01-21 17:44
amavis
176.48
KB
-rwxr-xr-x
2017-01-21 17:44
arpwatch
1.43
KB
-rwxr-xr-x
2017-01-21 17:44
audit
15.59
KB
-rwxr-xr-x
2017-01-21 17:44
automount
5.24
KB
-rwxr-xr-x
2017-01-21 17:44
autorpm
2.25
KB
-rwxr-xr-x
2017-01-21 17:44
barracuda
11.85
KB
-rwxr-xr-x
2017-01-21 17:44
bfd
2.2
KB
-rwxr-xr-x
2017-01-21 17:44
cisco
44.38
KB
-rwxr-xr-x
2016-07-26 19:43
citadel
58.58
KB
-rwxr-xr-x
2017-01-21 17:44
clam-update
6.93
KB
-rwxr-xr-x
2017-01-21 17:44
clamav
6.17
KB
-rwxr-xr-x
2017-01-21 17:44
clamav-milter
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
courier
23.28
KB
-rwxr-xr-x
2017-01-21 17:44
cron
12.58
KB
-rwxr-xr-x
2017-01-21 17:44
denyhosts
1.75
KB
-rwxr-xr-x
2017-01-21 17:44
dhcpd
11
KB
-rwxr-xr-x
2017-01-21 17:44
dirsrv
4.85
KB
-rwxr-xr-x
2017-01-21 17:44
dnssec
4.99
KB
-rwxr-xr-x
2017-01-21 17:44
dovecot
24.72
KB
-rwxr-xr-x
2017-01-21 17:44
dpkg
3.21
KB
-rwxr-xr-x
2017-01-21 17:44
emerge
4.44
KB
-rwxr-xr-x
2017-01-21 17:44
evtapplication
5.92
KB
-rwxr-xr-x
2017-01-21 17:44
evtsecurity
12.7
KB
-rwxr-xr-x
2017-01-21 17:44
evtsystem
14.95
KB
-rwxr-xr-x
2017-01-21 17:44
exim
24.79
KB
-rwxr-xr-x
2017-01-21 17:44
eximstats
1.91
KB
-rwxr-xr-x
2017-01-21 17:44
extreme-networks
10.91
KB
-rwxr-xr-x
2017-01-21 17:44
fail2ban
9.98
KB
-rwxr-xr-x
2017-01-21 17:44
fetchmail
3.53
KB
-rwxr-xr-x
2017-01-21 17:44
freeradius
10.22
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-messages
7.67
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-xferlog
6.18
KB
-rwxr-xr-x
2017-01-21 17:44
http
23.73
KB
-rwxr-xr-x
2017-01-21 17:44
http-error
4.22
KB
-rwxr-xr-x
2016-07-26 19:43
identd
5.54
KB
-rwxr-xr-x
2017-01-21 17:44
imapd
11.15
KB
-rwxr-xr-x
2017-01-21 17:44
in.qpopper
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
init
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
ipop3d
4.08
KB
-rwxr-xr-x
2017-01-21 17:44
iptables
14.96
KB
-rwxr-xr-x
2017-01-21 17:44
kernel
10.56
KB
-rwxr-xr-x
2017-01-21 17:44
knockd
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
lvm
3.12
KB
-rwxr-xr-x
2017-01-21 17:44
mailscanner
27.15
KB
-rwxr-xr-x
2017-01-21 17:44
mdadm
4.58
KB
-rwxr-xr-x
2017-01-21 17:44
mod_security2
7.82
KB
-rwxr-xr-x
2017-01-21 17:44
modprobe
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
mountd
4.35
KB
-rwxr-xr-x
2017-01-21 17:44
mysql
4.52
KB
-rwxr-xr-x
2017-01-21 17:44
mysql-mmm
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
named
31.26
KB
-rwxr-xr-x
2017-01-21 17:44
netopia
14.98
KB
-rwxr-xr-x
2017-01-21 17:44
netscreen
20.63
KB
-rwxr-xr-x
2017-01-21 17:44
oidentd
5.47
KB
-rwxr-xr-x
2017-01-21 17:44
omsa
2.59
KB
-rwxr-xr-x
2017-01-21 17:44
openvpn
13.68
KB
-rwxr-xr-x
2017-01-21 17:44
pam
1.86
KB
-rwxr-xr-x
2017-01-21 17:44
pam_pwdb
7.84
KB
-rwxr-xr-x
2017-01-21 17:44
pam_unix
16.03
KB
-rwxr-xr-x
2017-01-21 17:44
php
5.1
KB
-rwxr-xr-x
2017-01-21 17:44
pix
13.29
KB
-rwxr-xr-x
2017-01-21 17:44
pluto
11.97
KB
-rwxr-xr-x
2017-01-21 17:44
pop3
15.18
KB
-rwxr-xr-x
2017-01-21 17:44
portsentry
5
KB
-rwxr-xr-x
2017-01-21 17:44
postfix
241.59
KB
-rwxr-xr-x
2017-01-21 17:44
postgresql
5.39
KB
-rwxr-xr-x
2017-01-21 17:44
pound
3.52
KB
-rwxr-xr-x
2017-01-21 17:44
proftpd-messages
10.6
KB
-rwxr-xr-x
2017-01-21 17:44
puppet
10.37
KB
-rwxr-xr-x
2016-07-26 19:43
pureftpd
8.17
KB
-rwxr-xr-x
2017-01-21 17:44
qmail
5.73
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3d
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3ds
3.98
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-send
19.63
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-smtpd
56.05
KB
-rwxr-xr-x
2017-01-21 17:44
raid
1.73
KB
-rwxr-xr-x
2017-01-21 17:44
resolver
3.43
KB
-rwxr-xr-x
2017-01-21 17:44
rsnapshot
3.33
KB
-rwxr-xr-x
2017-01-21 17:44
rsyslogd
1.79
KB
-rwxr-xr-x
2016-07-26 19:43
rt314
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
samba
25.63
KB
-rwxr-xr-x
2017-01-21 17:44
saslauthd
4.06
KB
-rwxr-xr-x
2017-01-21 17:44
scsi
3.34
KB
-rwxr-xr-x
2017-01-21 17:44
secure
41.04
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail
92.27
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail-largeboxes
2.51
KB
-rwxr-xr-x
2017-01-21 17:44
shaperd
5.64
KB
-rwxr-xr-x
2017-01-21 17:44
slon
4.61
KB
-rwxr-xr-x
2017-01-21 17:44
smartd
16.1
KB
-rwxr-xr-x
2017-01-21 17:44
sonicwall
25
KB
-rwxr-xr-x
2017-01-21 17:44
spamassassin
7.56
KB
-rwxr-xr-x
2016-07-26 19:43
sshd
30.98
KB
-rwxr-xr-x
2017-01-21 17:44
sshd2
2.02
KB
-rwxr-xr-x
2017-01-21 17:44
sssd
2.45
KB
-rwxr-xr-x
2017-01-21 17:44
stunnel
5.61
KB
-rwxr-xr-x
2016-07-26 19:43
sudo
6.01
KB
-rwxr-xr-x
2017-01-21 17:44
syslog-ng
20.61
KB
-rwxr-xr-x
2017-01-21 17:44
syslogd
1.98
KB
-rwxr-xr-x
2017-01-21 17:44
systemd
7.53
KB
-rwxr-xr-x
2017-01-21 17:44
tac_acc
4.12
KB
-rwxr-xr-x
2017-01-21 17:44
tivoli-smc
4.41
KB
-rwxr-xr-x
2016-07-26 19:43
up2date
4.79
KB
-rwxr-xr-x
2017-01-21 17:44
vdr
8.3
KB
-rwxr-xr-x
2017-01-21 17:44
vpopmail
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
vsftpd
8.28
KB
-rwxr-xr-x
2017-01-21 17:44
windows
16.12
KB
-rwxr-xr-x
2017-01-21 17:44
xntpd
8.59
KB
-rwxr-xr-x
2017-01-21 17:44
yum
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
zypp
2.48
KB
-rwxr-xr-x
2017-01-21 17:44
zz-disk_space
6.02
KB
-rwxr-xr-x
2017-01-21 17:44
zz-fortune
1.69
KB
-rwxr-xr-x
2017-01-21 17:44
zz-lm_sensors
1.82
KB
-rwxr-xr-x
2017-01-21 17:44
zz-network
12.79
KB
-rwxr-xr-x
2017-01-21 17:44
zz-runtime
1.66
KB
-rwxr-xr-x
2017-01-21 17:44
zz-sys
3.01
KB
-rwxr-xr-x
2017-01-21 17:44
zz-zfs
5.91
KB
-rwxr-xr-x
2017-01-21 17:44
Save
Rename
#!/usr/bin/perl ########################################################################## # $Id$ ########################################################################## # $Log: kernel,v $ # Revision 1.35 2008/03/24 23:31:26 kirk # added copyright/license notice to each script # # Revision 1.34 2008/02/14 19:01:51 mike # Patch for OOM from Orion Poplawski -mgt # # Revision 1.33 2006/01/16 18:40:31 kirk # fixed name to Logwatch (how I like it now) # # Revision 1.32 2005/11/30 05:35:11 bjorn # Replaced compStr, by Markus Lude. # # Revision 1.31 2005/11/08 20:34:49 bjorn # Fixed reporting of RAID errors and added 'use strict'. Adds support for # reporting various execution/memory access errors. These are errors on # 2.6.5-7 kernels, x86_64 and IA64 architectures, SuSE 9 distro. # All these changes by David Baldwin. # # Revision 1.30 2005/07/25 22:17:31 bjorn # Moved iptables (and ipchains, ipfwadm) code to its own service (iptables). # # Revision 1.29 2005/06/07 18:14:50 bjorn # Filtering out audit statements, since we now have an "audit" service. ########################################################################## # Kernel script for Logwatch # # Visit the Logwatch website at # http://www.logwatch.org ########################################################################## ##################################################### ## Copyright (c) 2008 Kirk Bauer ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. If you want to make contributions ## under your own copyright or a different license this ## must be explicitly stated in the contribution an the ## Logwatch project reserves the right to not accept such ## contributions. If you have made significant ## contributions to this script and want to claim ## copyright please contact logwatch-devel@lists.sourceforge.net. ######################################################### use strict; use Logwatch ':ip'; my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; my $Ignore_faults = $ENV{'ignore_faults'}; my $Ignore_rpcsec_expired = $ENV{'ignore_rpcsec_expired'} || 0; my $Ignore_messages = $ENV{'kernel_ignore_messages'} || '^$'; my %SYNflood = (); my %RAIDErrors = (); my %DRBDErrors = (); my %SegFaults = (); my %GPFaults = (); my %TrapInt3s = (); my %UnalignedErrors = (); my %FPAssists = (); my %OOM = (); my %Errors = (); my %Kernel = (); my %EDACs = (); while (defined(my $ThisLine = <STDIN>)) { chomp($ThisLine); next if ($ThisLine eq ''); # Remove timestamp if present $ThisLine =~ s/^\[\s*\d+\.\d+\]\s*//; if ( # filter out audit messages - these should be parsed by the audit # service ($ThisLine =~ /^\s*(type=\d+\s+)?audit\(/) # following now in iptables service or ($ThisLine =~ /^Packet log: .*PROTO=/) or ($ThisLine =~ /IN=.*OUT=.*SRC=.*DST=.*PROTO=/) # user specified ignore messages, lower cased or ($ThisLine =~ /$Ignore_messages/i) ) { # ignore the above strings } elsif ( my ($from,$on) = ( $ThisLine =~ /^Warning: possible SYN flood from ([^ ]+) on ([^ ]+):.+ Sending cookies/ ) ) { my $Fullfrom = LookupIP($from); my $Fullon = LookupIP($on); $SYNflood{$Fullon}{$Fullfrom}++; } elsif ($ThisLine =~ /continuing in degraded mode/) { $RAIDErrors{$ThisLine}++; } elsif ($ThisLine =~ /([^(]*)\[\d+\]: segfault at/) { $SegFaults{$1}++; } elsif ($ThisLine =~ /([^(]*)\[\d+\] general protection/) { $GPFaults{$1}++; } elsif ($ThisLine =~ /([^(]*)\[\d+\] trap int3 /) { $TrapInt3s{$1}++; } elsif ($ThisLine =~ /([^(]*)\(\d+\): unaligned access to/) { $UnalignedErrors{$1}++; } elsif ($ThisLine =~ /([^(]*)\(\d+\): floating-point assist fault at ip/) { $FPAssists{$1}++; } elsif ($ThisLine =~ /Out of memory: (?:[KK]illed|[Kk]ill) process \d+ \((.*)\)/) { $OOM{$1}++; } elsif ($ThisLine =~ /(\S+) invoked oom-killer/) { $OOM{$1}++; } elsif ($ThisLine =~ /(EDAC (MC|PCI)\d:.*)/) { # Standard boot messages next if $ThisLine =~ /Giving out device to /; $EDACs{$1}++; } elsif ($ThisLine =~ /(block drbd\d+): Online verify found (\d+) \d+k block out of sync/) { $DRBDErrors{$1}{"$2 block(s) out of sync"} = 1; } elsif ($ThisLine =~ /(block drbd\d+): \[.*\] sock_sendmsg time expired/) { $DRBDErrors{$1}{"sock_sendmsg time expired"}++; } elsif ($ThisLine =~ /(block drbd\d+): Began resync as (SyncSource|SyncTarget)/) { $DRBDErrors{$1}{"Began resync as $2"}++; } elsif ( ( my $errormsg ) = ( $ThisLine =~ /(.*?error.{0,17})/i ) ) { # filter out smb open/read errors cased by insufficient permissions my $SkipError = 0; $SkipError = 1 if $ThisLine =~ /smb_readpage_sync: .*open failed, error=-13/; $SkipError = 1 if $ThisLine =~ /smb_open: .* open failed, result=-13/; $SkipError = 1 if $ThisLine =~ /smb_open: .* open failed, error=-13/; # filter out error_exit in stack traces caused by OOM conditions $SkipError = 1 if $ThisLine =~ /\[<[\da-f]+>\] error_exit\+0x/; # These are informative, not errors $SkipError = 1 if $ThisLine =~ /ACPI _OSC request failed \(AE_ERROR\), returned control mask: 0x1d/; $SkipError = 1 if $ThisLine =~ /ERST: Error Record Serialization Table \(ERST\) support is initialized/; $SkipError = 1 if $ThisLine =~ /GHES: Generic hardware error source: \d+ notified via .* is not supported/; $SkipError = 1 if $ThisLine =~ /HEST: Enabling Firmware First mode for corrected errors/; $SkipError = 1 if $ThisLine =~ /PCIe errors handled by (?:BIOS|OS)/; # These happen when kerberos tickets expire, which can be normal $SkipError = 1 if $ThisLine =~ /Error: state manager encountered RPCSEC_GSS session expired against NFSv4 server/ && $Ignore_rpcsec_expired; # filter out mount options $SkipError = 1 if $ThisLine =~ /errors=(?:continue|remount-ro|panic)/; $Errors{$errormsg}++ if ( (! $SkipError) || ($Detail > 8)); } elsif ( ( my $errormsg ) = ( $ThisLine =~ /((BUG|WARNING|INFO):.{0,40})/ ) ) { $Errors{$errormsg}++; # OTHER } else { # XXX For now, going to ignore all other kernel messages as there # XXX are practically an infinite number and most of them are obviously # XXX not parsed here at this time. # filter out smb open/read errors cased by insufficient permissions my $SkipError = 0; $SkipError = 1 if $ThisLine =~ /smb_readpage_sync: .*open failed, error=-13/; $SkipError = 1 if $ThisLine =~ /smb_open: .* open failed, result=-13/; $SkipError = 1 if $ThisLine =~ /smb_open: .* open failed, error=-13/; $SkipError = 1 if $ThisLine =~ /block drbd\d+: Out of sync: start=\d+/; $SkipError = 1 if $ThisLine =~ /block drbd\d+: updated( sync)? UUIDs?/i; $SkipError = 1 if $ThisLine =~ /block drbd\d+: Resync done/; $SkipError = 1 if $ThisLine =~ /block drbd\d+: cs:(?:Ahead|Behind) rs_left/; $SkipError = 1 if $ThisLine =~ /block drbd\d+: \d+ % had equal checksums, eliminated:/; $Kernel{$ThisLine}++ if ( (! $SkipError) || ($Detail > 8)) ; } } if (keys %SYNflood) { print "\nWarning: SYN flood on:\n"; foreach my $ThisOne (sort {$a cmp $b} keys %SYNflood) { print " " . $ThisOne . " from:\n"; foreach my $Next (sort {$a cmp $b} keys %{$SYNflood{$ThisOne}}) { print " " . $Next . ": $SYNflood{$ThisOne}{$Next} Time(s)\n"; } } } if (keys %RAIDErrors) { print "\nWARNING: RAID Errors Present\n"; foreach my $Thisone ( sort {$a cmp $b} keys %RAIDErrors ) { print " $Thisone ...: $RAIDErrors{$Thisone} Time(s)\n"; } } if (keys %DRBDErrors) { print "\nWARNING: DRBD Errors Present\n"; foreach my $Thisone ( sort {$a cmp $b} keys %DRBDErrors ) { foreach my $Msg (sort {$a cmp $b} keys %{$DRBDErrors{$Thisone}}) { print " $Thisone: $Msg"; print " : $DRBDErrors{$Thisone}{$Msg} Time(s)" if $DRBDErrors{$Thisone}{$Msg} > 1; print "\n"; } } } if (keys %SegFaults) { my $header_printed=0; foreach my $Thisone ( sort {$a cmp $b} keys %SegFaults ) { if ($Ignore_faults =~ /\b\Q$Thisone\E\b/i) { next; } if (!$header_printed) { print "\nWARNING: Segmentation Faults in these executables\n"; $header_printed=1; } print " $Thisone : $SegFaults{$Thisone} Time(s)\n"; } } if (keys %GPFaults) { my $header_printed=0; foreach my $Thisone ( sort {$a cmp $b} keys %GPFaults ) { if ($Ignore_faults =~ /\b\Q$Thisone\E\b/i) { next; } if (!$header_printed) { print "\nWARNING: General Protection Faults in these executables\n"; $header_printed=1; } print " $Thisone : $GPFaults{$Thisone} Time(s)\n"; } } if (keys %TrapInt3s) { my $header_printed=0; foreach my $Thisone ( sort {$a cmp $b} keys %TrapInt3s ) { if ($Ignore_faults =~ /\b\Q$Thisone\E\b/i) { next; } if (!$header_printed) { print "\nWARNING: Trap int3 in these executables\n"; $header_printed=1; } print " $Thisone : $TrapInt3s{$Thisone} Time(s)\n"; } } if (keys %UnalignedErrors) { print "\nWARNING: Unaligned Errors in these executables\n"; foreach my $Thisone ( sort {$a cmp $b} keys %UnalignedErrors ) { print " $Thisone : $UnalignedErrors{$Thisone} Time(s)\n"; } } if (keys %FPAssists) { print "\nWARNING: Floating-Point Assists in these executables\n"; foreach my $Thisone ( sort {$a cmp $b} keys %FPAssists ) { print " $Thisone : $FPAssists{$Thisone} Time(s)\n"; } } if (keys %OOM) { print "\nWARNING: Out of memory killer killed these executables or their children\n"; foreach my $Thisone ( sort {$a cmp $b} keys %OOM ) { print " $Thisone : $OOM{$Thisone} Time(s)\n"; } } if (keys %Errors) { print "\nWARNING: Kernel Errors Present\n"; foreach my $Thisone ( sort {$a cmp $b} keys %Errors ) { print " $Thisone ...: $Errors{$Thisone} Time(s)\n"; } } if (keys %EDACs) { print "\nWARNING: Kernel EDAC Messages\n"; foreach my $Thisone ( sort {$a cmp $b} keys %EDACs ) { print " $Thisone ...: $EDACs{$Thisone} Time(s)\n"; } } # OTHER if ( ($Detail >= 5) and (keys %Kernel) ) { print "\n"; foreach my $ThisOne (sort {$a cmp $b} keys %Kernel) { print $Kernel{$ThisOne} . " Time(s): " . $ThisOne . "\n"; } } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et # Local Variables: # mode: perl # perl-indent-level: 3 # indent-tabs-mode: nil # End: