Security concerns

Recently, our daily Logwatch report presented some troubling messages. Can somebody help us understand what these messages mean, and whether we should be concerned?

 --------------------- Automount Begin ------------------------

 **Unmatched Entries**
 lookup_read_master: lookup(nisplus): couldn't locate nis+ table auto.master: 1 Time(s)

 ---------------------- Automount End -------------------------

 --------------------- Cron Begin ------------------------


 **Unmatched Entries**
 INFO (RANDOM_DELAY will be scaled with factor 39% if used.)

 ---------------------- Cron End -------------------------

 --------------------- Kernel Begin ------------------------

 WARNING:  Kernel Errors Present
    : ACPI Error (psparse-0537):  ...:  2 Time(s)
    : ACPI Error: No handler for  ...:  1 Time(s)
    : ACPI Error: Region IPMI(7)  ...:  1 Time(s)
    : ERST: Error Record Serializa ...:  1 Time(s)

 ---------------------- Kernel End -------------------------

 --------------------- Connections (secure-log) Begin ------------------------

 Root logins on tty's: 1 Time(s).

 **Unmatched Entries**
    webmin: Webmin starting: 1 Time(s)

 ---------------------- Connections (secure-log) End -------------------------
denverwayneAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sean JacksonInformation Security AnalystCommented:
I'm obviously not as familiar as you are with your systems, but it looks like there's a bug in one of your cron jobs, and it looks like you might have a kernel error.  That could be the doozy. There might be a disk error, a bad install, or worst case, a root kit.

Check against your backups, see what's different from the last clean record.

If you have no errors in your last backup, perhaps look at restoring from that backup.  Or reinstalling from scratch and restoring any data from backup.

Again, I'm not as familiar as you are, so I'm just stabbing in the dark here.
0
gheistCommented:
There is one entry in IMPI log that kernel could not decode. Log in to management processor and check it.
That is definitely a hardware fault that you have to bring to vendor withing warranty period.

nisplus error means some software installed NIS client and it tries to authenticate - just uninstall it or specify your distribution to get more recipes on how to disable it.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.