Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Can someone tell me what this log says
« previous next »
Pages: [1]   Go Down

Can someone tell me what this log says

  • 2 Replies
  • 2000 Views

Charlie

Can someone tell me what this log says
« on: February 26, 2002, 06:25:54 AM »
Here is a snipet of my secure log. It looks suspicious because of the amount of activity. Can someone tell he what this is refering to. Thanks in advance.

Feb 25 19:22:33 lites-out xinetd[1100]: START: smtp pid=20810 from=64.26.145.90
Feb 25 19:23:03 lites-out xinetd[1100]: EXIT: smtp status=0 pid=20810 duration=30(sec)
Feb 25 19:51:13 lites-out xinetd[1100]: START: pop-3 pid=20843 from=192.168.0.65
Feb 25 19:51:13 lites-out xinetd[1100]: EXIT: pop-3 status=1 pid=20843 duration=0(sec)
Feb 25 20:21:13 lites-out xinetd[1100]: START: pop-3 pid=20873 from=192.168.0.65
Feb 25 20:21:13 lites-out xinetd[1100]: EXIT: pop-3 status=1 pid=20873 duration=0(sec)
Feb 25 20:37:53 lites-out xinetd[1100]: START: smtp pid=20891 from=64.26.145.90
Feb 25 20:38:24 lites-out xinetd[1100]: EXIT: smtp status=0 pid=20891 duration=31(sec)
Feb 25 20:38:48 lites-out xinetd[1100]: START: imap pid=20900 from=127.0.0.1
Feb 25 20:38:48 lites-out xinetd[1100]: START: auth pid=20901 from=127.0.0.1
Feb 25 20:38:48 lites-out xinetd[20900]: USERID: imap OTHER :www
Feb 25 20:38:48 lites-out xinetd[1100]: EXIT: auth signal=11 pid=20901 duration=0(sec)
Feb 25 20:38:49 lites-out xinetd[1100]: EXIT: imap status=0 pid=20900 duration=1(sec)
Feb 25 20:38:49 lites-out xinetd[1100]: START: imap pid=20902 from=127.0.0.1
Feb 25 20:38:49 lites-out xinetd[1100]: START: auth pid=20903 from=127.0.0.1
Feb 25 20:38:49 lites-out xinetd[20902]: USERID: imap OTHER :www
Feb 25 20:38:49 lites-out xinetd[1100]: EXIT: auth signal=11 pid=20903 duration=0(sec)
Feb 25 20:38:50 lites-out xinetd[1100]: EXIT: imap status=0 pid=20902 duration=1(sec)
Feb 25 20:38:55 lites-out xinetd[1100]: START: imap pid=20904 from=127.0.0.1
Feb 25 20:38:55 lites-out xinetd[1100]: START: auth pid=20905 from=127.0.0.1
Feb 25 20:38:55 lites-out xinetd[20904]: USERID: imap OTHER :www
Logged

Jon Blakely

Re: Can someone tell me what this log says
« Reply #1 on: February 26, 2002, 02:22:05 PM »
Feb 25 19:22:33 lites-out xinetd[1100]: START: smtp pid=20810 from=64.26.145.90
Feb 25 19:23:03 lites-out xinetd[1100]: EXIT: smtp status=0 pid=20810 duration=30(sec)

This bit is server contacting your ISP mail server

Feb 25 19:51:13 lites-out xinetd[1100]: START: pop-3 pid=20843 from=192.168.0.65
Feb 25 19:51:13 lites-out xinetd[1100]: EXIT: pop-3 status=1 pid=20843 duration=0(sec)
Feb 25 20:21:13 lites-out xinetd[1100]: START: pop-3 pid=20873 from=192.168.0.65
Feb 25 20:21:13 lites-out xinetd[1100]: EXIT: pop-3 status=1 pid=20873 duration=0(sec)

This is a mail client (probably outlook) on your local network, machine 192.168.0.65. It is set to retreive mail every 30 minutes.

Feb 25 20:38:48 lites-out xinetd[1100]: EXIT: auth signal=11 pid=20901 duration=0(sec)
Feb 25 20:38:49 lites-out xinetd[1100]: EXIT: imap status=0 pid=20900 duration=1(sec)
Feb 25 20:38:49 lites-out xinetd[1100]: START: imap pid=20902 from=127.0.0.1
Feb 25 20:38:49 lites-out xinetd[1100]: START: auth pid=20903 from=127.0.0.1
Feb 25 20:38:49 lites-out xinetd[20902]: USERID: imap OTHER :www

This is access to webmail via http://your-domain/webmail.

You do not have a problem.
Logged

Charlie

Re: Can someone tell me what this log says
« Reply #2 on: February 26, 2002, 07:40:46 PM »
Jon,

Thank you for the information. Can you recommend a source where I can learn what these reports are saying? I see pages of data and it is sometimes scary.

Charlie
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Can someone tell me what this log says