Solved

Security concerns

Posted on 2014-12-29
2
172 Views
Last Modified: 2015-01-06
Recently, our daily Logwatch report presented some troubling messages. Can somebody help us understand what these messages mean, and whether we should be concerned?

 --------------------- Automount Begin ------------------------

 **Unmatched Entries**
 lookup_read_master: lookup(nisplus): couldn't locate nis+ table auto.master: 1 Time(s)

 ---------------------- Automount End -------------------------

 --------------------- Cron Begin ------------------------


 **Unmatched Entries**
 INFO (RANDOM_DELAY will be scaled with factor 39% if used.)

 ---------------------- Cron End -------------------------

 --------------------- Kernel Begin ------------------------

 WARNING:  Kernel Errors Present
    : ACPI Error (psparse-0537):  ...:  2 Time(s)
    : ACPI Error: No handler for  ...:  1 Time(s)
    : ACPI Error: Region IPMI(7)  ...:  1 Time(s)
    : ERST: Error Record Serializa ...:  1 Time(s)

 ---------------------- Kernel End -------------------------

 --------------------- Connections (secure-log) Begin ------------------------

 Root logins on tty's: 1 Time(s).

 **Unmatched Entries**
    webmin: Webmin starting: 1 Time(s)

 ---------------------- Connections (secure-log) End -------------------------
0
Comment
Question by:denverwayne
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Expert Comment

by:Sean Jackson
ID: 40522644
I'm obviously not as familiar as you are with your systems, but it looks like there's a bug in one of your cron jobs, and it looks like you might have a kernel error.  That could be the doozy. There might be a disk error, a bad install, or worst case, a root kit.

Check against your backups, see what's different from the last clean record.

If you have no errors in your last backup, perhaps look at restoring from that backup.  Or reinstalling from scratch and restoring any data from backup.

Again, I'm not as familiar as you are, so I'm just stabbing in the dark here.
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 40522759
There is one entry in IMPI log that kernel could not decode. Log in to management processor and check it.
That is definitely a hardware fault that you have to bring to vendor withing warranty period.

nisplus error means some software installed NIS client and it tries to authenticate - just uninstall it or specify your distribution to get more recipes on how to disable it.
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question