security run output

-=Ded=- · Непрочитанное сообщение **-=Ded=-** » 2013-03-23 20:49:55

не могу понять смысл лога

Checking setuid files and devices:

домен setuid diffs:
--- /var/log/setuid.today 2013-03-11 07:01:51.000000000 +0400
+++ /tmp/security.W7WuPOvD 2013-03-23 03:01:56.000000000 +0400
@@ -1,46 +1,46 @@
-   47131 -r-sr-xr-x  1 root    wheel      20464 Apr  9 20:58:51 2012 /bin/rcp
-  235579 -r-sr-x---  1 root    operator    9752 Apr  9 20:59:08 2012 /sbin/mksnap_ffs
-  235595 -r-sr-xr-x  1 root    wheel      28240 Apr  9 20:59:08 2012 /sbin/ping
-  235596 -r-sr-xr-x  1 root    wheel      37280 Apr  9 20:59:08 2012 /sbin/ping6
-  235609 -r-sr-x---  2 root    operator   15992 Apr  9 20:59:09 2012 /sbin/poweroff
-  235609 -r-sr-x---  2 root    operator   15992 Apr  9 20:59:09 2012 /sbin/shutdown
-83845230 -r-sr-xr-x  4 root    wheel      30128 Apr  9 20:59:25 2012 /usr/bin/at
-83845230 -r-sr-xr-x  4 root    wheel      30128 Apr  9 20:59:25 2012 /usr/bin/atq
-83845230 -r-sr-xr-x  4 root    wheel      30128 Apr  9 20:59:25 2012 /usr/bin/atrm
-83845230 -r-sr-xr-x  4 root    wheel      30128 Apr  9 20:59:25 2012 /usr/bin/batch
-83845237 -r-xr-sr-x  1 root    kmem       12320 Apr  9 20:59:25 2012 /usr/bin/btsockstat
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/chfn
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/chpass
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/chsh
-83845469 -r-sr-xr-x  1 root    wheel      33936 Apr  9 20:59:34 2012 /usr/bin/crontab
-83845289 -r-xr-sr-x  1 root    kmem       21496 Apr  9 20:59:27 2012 /usr/bin/fstat
-83845333 -r-sr-xr-x  1 root    wheel      11512 Apr  9 20:59:28 2012 /usr/bin/lock
-83845336 -r-sr-xr-x  1 root    wheel      25616 Apr  9 20:59:28 2012 /usr/bin/login
-83845473 -r-sr-sr-x  1 root    daemon     34312 Apr  9 20:59:38 2012 /usr/bin/lpq
-83845474 -r-sr-sr-x  1 root    daemon     38352 Apr  9 20:59:38 2012 /usr/bin/lpr
-83845475 -r-sr-sr-x  1 root    daemon     30344 Apr  9 20:59:38 2012 /usr/bin/lprm
-83845362 -r-xr-sr-x  1 root    kmem      157784 Apr  9 20:59:29 2012 /usr/bin/netstat
-83845371 -r-sr-xr-x  1 root    wheel       7072 Apr  9 20:59:29 2012 /usr/bin/opieinfo
-83845373 -r-sr-xr-x  1 root    wheel      14096 Apr  9 20:59:29 2012 /usr/bin/opiepasswd
-83845375 -r-sr-xr-x  2 root    wheel       8216 Apr  9 20:59:30 2012 /usr/bin/passwd
-83845387 -r-sr-xr-x  1 root    wheel      16120 Apr  9 20:59:30 2012 /usr/bin/rlogin
-83845391 -r-sr-xr-x  1 root    wheel      11632 Apr  9 20:59:30 2012 /usr/bin/rsh
-83845403 -r-sr-xr-x  1 root    wheel      16944 Apr  9 20:59:30 2012 /usr/bin/su
-83845448 -r-xr-sr-x  1 root    tty        16152 Apr  9 20:59:32 2012 /usr/bin/wall
-83845455 -r-xr-sr-x  1 root    tty        11736 Apr  9 20:59:32 2012 /usr/bin/write
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/ypchfn
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/ypchpass
-83845253 -r-sr-xr-x  6 root    wheel      23040 Apr  9 20:59:26 2012 /usr/bin/ypchsh
-83845375 -r-sr-xr-x  2 root    wheel       8216 Apr  9 20:59:30 2012 /usr/bin/yppasswd
-61400122 -r-xr-sr-x  1 root    smmsp     707600 Apr  9 20:59:42 2012 /usr/libexec/sendmail/sendmail
-17739663 -rwsr-xr-x  1 root    wheel     960336 Mar 10 09:16:16 2013 /usr/local/sbin/exim-4.77-1
-17739691 -rwxr-sr-x  1 root    maildrop  217328 Mar  9 13:20:56 2013 /usr/local/sbin/postdrop
-17739692 -rwxr-sr-x  1 root    maildrop  243580 Mar  9 13:20:56 2013 /usr/local/sbin/postqueue
- 6900766 -r-sr-sr-x  1 root    authpf     20280 Apr  9 20:59:33 2012 /usr/sbin/authpf
- 6900851 -r-xr-sr-x  1 root    daemon     54552 Apr  9 20:59:38 2012 /usr/sbin/lpc
- 6900916 -r-sr-x---  1 root    network   412808 Apr  9 20:59:41 2012 /usr/sbin/ppp
- 6900965 -r-sr-xr-x  1 root    wheel      21168 Apr  9 20:59:42 2012 /usr/sbin/timedc
- 6900966 -r-sr-xr-x  1 root    wheel      29536 Apr  9 20:59:42 2012 /usr/sbin/traceroute
- 6900967 -r-sr-xr-x  1 root    wheel      24496 Apr  9 20:59:43 2012 /usr/sbin/traceroute6
- 6900968 -r-xr-sr-x  1 root    kmem       11672 Apr  9 20:59:43 2012 /usr/sbin/trpt
- 1248321 -rws--x--x  1 qmailq  qmail      18544 Mar  9 13:19:24 2013 /var/qmail/bin/qmail-queue
+   47131 -r-sr-xr-x  1 root    wheel      20464 Apr 10 00:58:51 2012 /bin/rcp
+  235579 -r-sr-x---  1 root    operator    9752 Apr 10 00:59:08 2012 /sbin/mksnap_ffs
+  235595 -r-sr-xr-x  1 root    wheel      28240 Apr 10 00:59:08 2012 /sbin/ping
+  235596 -r-sr-xr-x  1 root    wheel      37280 Apr 10 00:59:08 2012 /sbin/ping6
+  235609 -r-sr-x---  2 root    operator   15992 Apr 10 00:59:09 2012 /sbin/poweroff
+  235609 -r-sr-x---  2 root    operator   15992 Apr 10 00:59:09 2012 /sbin/shutdown
+83845230 -r-sr-xr-x  4 root    wheel      30128 Apr 10 00:59:25 2012 /usr/bin/at
+83845230 -r-sr-xr-x  4 root    wheel      30128 Apr 10 00:59:25 2012 /usr/bin/atq
+83845230 -r-sr-xr-x  4 root    wheel      30128 Apr 10 00:59:25 2012 /usr/bin/atrm
+83845230 -r-sr-xr-x  4 root    wheel      30128 Apr 10 00:59:25 2012 /usr/bin/batch
+83845237 -r-xr-sr-x  1 root    kmem       12320 Apr 10 00:59:25 2012 /usr/bin/btsockstat
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/chfn
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/chpass
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/chsh
+83845469 -r-sr-xr-x  1 root    wheel      33936 Apr 10 00:59:34 2012 /usr/bin/crontab
+83845289 -r-xr-sr-x  1 root    kmem       21496 Apr 10 00:59:27 2012 /usr/bin/fstat
+83845333 -r-sr-xr-x  1 root    wheel      11512 Apr 10 00:59:28 2012 /usr/bin/lock
+83845336 -r-sr-xr-x  1 root    wheel      25616 Apr 10 00:59:28 2012 /usr/bin/login
+83845473 -r-sr-sr-x  1 root    daemon     34312 Apr 10 00:59:38 2012 /usr/bin/lpq
+83845474 -r-sr-sr-x  1 root    daemon     38352 Apr 10 00:59:38 2012 /usr/bin/lpr
+83845475 -r-sr-sr-x  1 root    daemon     30344 Apr 10 00:59:38 2012 /usr/bin/lprm
+83845362 -r-xr-sr-x  1 root    kmem      157784 Apr 10 00:59:29 2012 /usr/bin/netstat
+83845371 -r-sr-xr-x  1 root    wheel       7072 Apr 10 00:59:29 2012 /usr/bin/opieinfo
+83845373 -r-sr-xr-x  1 root    wheel      14096 Apr 10 00:59:29 2012 /usr/bin/opiepasswd
+83845375 -r-sr-xr-x  2 root    wheel       8216 Apr 10 00:59:30 2012 /usr/bin/passwd
+83845387 -r-sr-xr-x  1 root    wheel      16120 Apr 10 00:59:30 2012 /usr/bin/rlogin
+83845391 -r-sr-xr-x  1 root    wheel      11632 Apr 10 00:59:30 2012 /usr/bin/rsh
+83845403 -r-sr-xr-x  1 root    wheel      16944 Apr 10 00:59:30 2012 /usr/bin/su
+83845448 -r-xr-sr-x  1 root    tty        16152 Apr 10 00:59:32 2012 /usr/bin/wall
+83845455 -r-xr-sr-x  1 root    tty        11736 Apr 10 00:59:32 2012 /usr/bin/write
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/ypchfn
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/ypchpass
+83845253 -r-sr-xr-x  6 root    wheel      23040 Apr 10 00:59:26 2012 /usr/bin/ypchsh
+83845375 -r-sr-xr-x  2 root    wheel       8216 Apr 10 00:59:30 2012 /usr/bin/yppasswd
+61400122 -r-xr-sr-x  1 root    smmsp     707600 Apr 10 00:59:42 2012 /usr/libexec/sendmail/sendmail
+17739663 -rwsr-xr-x  1 root    wheel     960336 Mar 10 13:16:16 2013 /usr/local/sbin/exim-4.77-1
+17739691 -rwxr-sr-x  1 root    maildrop  217328 Mar  9 17:20:56 2013 /usr/local/sbin/postdrop
+17739692 -rwxr-sr-x  1 root    maildrop  243580 Mar  9 17:20:56 2013 /usr/local/sbin/postqueue
+ 6900766 -r-sr-sr-x  1 root    authpf     20280 Apr 10 00:59:33 2012 /usr/sbin/authpf
+ 6900851 -r-xr-sr-x  1 root    daemon     54552 Apr 10 00:59:38 2012 /usr/sbin/lpc
+ 6900916 -r-sr-x---  1 root    network   412808 Apr 10 00:59:41 2012 /usr/sbin/ppp
+ 6900965 -r-sr-xr-x  1 root    wheel      21168 Apr 10 00:59:42 2012 /usr/sbin/timedc
+ 6900966 -r-sr-xr-x  1 root    wheel      29536 Apr 10 00:59:42 2012 /usr/sbin/traceroute
+ 6900967 -r-sr-xr-x  1 root    wheel      24496 Apr 10 00:59:43 2012 /usr/sbin/traceroute6
+ 6900968 -r-xr-sr-x  1 root    kmem       11672 Apr 10 00:59:43 2012 /usr/sbin/trpt
+ 1248321 -rws--x--x  1 qmailq  qmail      18544 Mar  9 17:19:24 2013 /var/qmail/bin/qmail-queue

по времени лог вроди совпадает с падением сервера, развалился рэйд в зеркале.

и почему там Apr, а не март?

Хостинг HostFood.ru · **Хостинг HostFood.ru**

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Alex Keda

где, там?

-=Ded=- · Непрочитанное сообщение **-=Ded=-** » 2013-03-23 22:22:34

Alex Keda писал(а):где, там?

забуть

я думал дата файлов перескочила на апрель, а там апрель прошлого года, раньше не обращал внимания на дату при установке, думал дата ставиться по дате установки.

forum.lissyara.su

security run output

security run output

Услуги хостинговой компании Host-Food.ru

Re: security run output

Re: security run output