D
DeanW
Guest
################### LogWatch 5.1 (02/03/04) ####################
Processing Initiated: Wed Feb 22 04:02:02 2006
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles for Host: xxx.xxxxx.com
################################################################
--------------------- Cron Begin ------------------------
**Unmatched Entries**
Feb 21 08:09:59 s3 atd[1001]: Cannot change to /var/spool/at: Permission denied
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
A total of 8 unidentified 'other' records logged
GET //cgi-bin/awstats. pl HTTP/1.1 with response code(s) 404
POST /SmpDsBhgRl HTTP/1.0 with response code(s) 404
GET //usage/awstats. pl HTTP/1.1 with response code(s) 403 403
GET //awstats/awstats. pl HTTP/1.1 with response code(s) 404 404
GET //usage/cgi-bin/awstats. pl HTTP/1.1 with response code(s) 403 403
GET //s-cgi/awstats. pl HTTP/1.1 with response code(s) 404 404
GET //aws/awstats. pl HTTP/1.1 with response code(s) 404 404 404
GET /SmpDsBhgRl827f2446-838b-4729-9717-87c39dc2e828 HTTP/1.0 with response code(s) 404
---------------------- httpd End -------------------------
--------------------- ModProbe Begin ------------------------
Can't locate these modules:
ehci_hcd : 1 Time(s)
uhci_hcd : 1 Time(s)
------
Also my server crashed the other night and I haven't been able to explain it. Now that I've bought a cell phone and set up my monitoring script to notify me I'm ready to fix the server.
1. Why would I get that atd error? Is a hacker trying to exploit?
2. Is awstats included with Plesk 7.5.4 and, if so, are the hacker web queries above dangerous?
3. Do I need those modules? They only seem to be missing since the 12th ??!
rkhunter comes up with nothing...
Processing Initiated: Wed Feb 22 04:02:02 2006
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles for Host: xxx.xxxxx.com
################################################################
--------------------- Cron Begin ------------------------
**Unmatched Entries**
Feb 21 08:09:59 s3 atd[1001]: Cannot change to /var/spool/at: Permission denied
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
A total of 8 unidentified 'other' records logged
GET //cgi-bin/awstats. pl HTTP/1.1 with response code(s) 404
POST /SmpDsBhgRl HTTP/1.0 with response code(s) 404
GET //usage/awstats. pl HTTP/1.1 with response code(s) 403 403
GET //awstats/awstats. pl HTTP/1.1 with response code(s) 404 404
GET //usage/cgi-bin/awstats. pl HTTP/1.1 with response code(s) 403 403
GET //s-cgi/awstats. pl HTTP/1.1 with response code(s) 404 404
GET //aws/awstats. pl HTTP/1.1 with response code(s) 404 404 404
GET /SmpDsBhgRl827f2446-838b-4729-9717-87c39dc2e828 HTTP/1.0 with response code(s) 404
---------------------- httpd End -------------------------
--------------------- ModProbe Begin ------------------------
Can't locate these modules:
ehci_hcd : 1 Time(s)
uhci_hcd : 1 Time(s)
------
Also my server crashed the other night and I haven't been able to explain it. Now that I've bought a cell phone and set up my monitoring script to notify me I'm ready to fix the server.
1. Why would I get that atd error? Is a hacker trying to exploit?
2. Is awstats included with Plesk 7.5.4 and, if so, are the hacker web queries above dangerous?
3. Do I need those modules? They only seem to be missing since the 12th ??!
rkhunter comes up with nothing...