Solved

Security concerns

Posted on 2014-12-29
2
154 Views
Last Modified: 2015-01-06
Recently, our daily Logwatch report presented some troubling messages. Can somebody help us understand what these messages mean, and whether we should be concerned?

 --------------------- Automount Begin ------------------------

 **Unmatched Entries**
 lookup_read_master: lookup(nisplus): couldn't locate nis+ table auto.master: 1 Time(s)

 ---------------------- Automount End -------------------------

 --------------------- Cron Begin ------------------------


 **Unmatched Entries**
 INFO (RANDOM_DELAY will be scaled with factor 39% if used.)

 ---------------------- Cron End -------------------------

 --------------------- Kernel Begin ------------------------

 WARNING:  Kernel Errors Present
    : ACPI Error (psparse-0537):  ...:  2 Time(s)
    : ACPI Error: No handler for  ...:  1 Time(s)
    : ACPI Error: Region IPMI(7)  ...:  1 Time(s)
    : ERST: Error Record Serializa ...:  1 Time(s)

 ---------------------- Kernel End -------------------------

 --------------------- Connections (secure-log) Begin ------------------------

 Root logins on tty's: 1 Time(s).

 **Unmatched Entries**
    webmin: Webmin starting: 1 Time(s)

 ---------------------- Connections (secure-log) End -------------------------
0
Comment
Question by:denverwayne
2 Comments
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40522644
I'm obviously not as familiar as you are with your systems, but it looks like there's a bug in one of your cron jobs, and it looks like you might have a kernel error.  That could be the doozy. There might be a disk error, a bad install, or worst case, a root kit.

Check against your backups, see what's different from the last clean record.

If you have no errors in your last backup, perhaps look at restoring from that backup.  Or reinstalling from scratch and restoring any data from backup.

Again, I'm not as familiar as you are, so I'm just stabbing in the dark here.
0
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
ID: 40522759
There is one entry in IMPI log that kernel could not decode. Log in to management processor and check it.
That is definitely a hardware fault that you have to bring to vendor withing warranty period.

nisplus error means some software installed NIS client and it tries to authenticate - just uninstall it or specify your distribution to get more recipes on how to disable it.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now