Log Bizard

Top Page

Reply to this message
Author: Remi FERNANDEZ
Date:  
To: guilde
Subject: Log Bizard
Bonjour,

En parcourant les logs ce matin j'ai trouvé des lignes que je n'avais
jamais lues auparavant

dans /var/log/auth.log

Feb 1 06:25:01 deltamsg su[29415]: Successful su for amavis by root
Feb 1 06:25:01 deltamsg su[29415]: + ??? root:amavis
Feb 1 06:25:01 deltamsg su[29415]: (pam_unix) session opened for user
amavis by (uid=0)
Feb 1 06:25:11 deltamsg su[29415]: (pam_unix) session closed for user
amavis
Feb 1 06:25:30 deltamsg su[30085]: Successful su for nobody by root
Feb 1 06:25:30 deltamsg su[30085]: + ??? root:nobody
Feb 1 06:25:30 deltamsg su[30085]: (pam_unix) session opened for user
nobody by (uid=0)
Feb 1 06:25:30 deltamsg su[30085]: (pam_unix) session closed for user
nobody
Feb 1 06:25:30 deltamsg su[30089]: Successful su for nobody by root
Feb 1 06:25:30 deltamsg su[30089]: + ??? root:nobody
Feb 1 06:25:30 deltamsg su[30089]: (pam_unix) session opened for user
nobody by (uid=0)
Feb 1 06:25:30 deltamsg su[30089]: (pam_unix) session closed for user
nobody
Feb 1 06:25:30 deltamsg su[30091]: Successful su for nobody by root
Feb 1 06:25:30 deltamsg su[30091]: + ??? root:nobody
Feb 1 06:25:30 deltamsg su[30091]: (pam_unix) session opened for user
nobody by (uid=0)
Feb 1 06:25:42 deltamsg su[30091]: (pam_unix) session closed for user
nobody

Je précise le contexte, il s'agit d'une machine sous Debian etch qui
héberge un serveur LAMP et Mail...

Est ce que vous voyez là des raisons de s'inquiter?

Rémi