missing /var/log/messages

I

ialex03

Well-Known Member
May 15, 2003
56
0
156
I have strange problem with CPanel server.
There is no files
/var/log/messages and
/var/log/secure

Syslog is configured correctly, syslog restart and reboot doesn't help and there is enough free space at /var/log

Where is the problem may be?

Thank you for any advise.
 
D

Danks

Active Member
Oct 10, 2001
26
1
303
touch /var/log/messages
touch /var/log/secure

restart syslog, and it will probably log again
 
I

ialex03

Well-Known Member
May 15, 2003
56
0
156
I've tried that, even tried to reboot the server after creating the files. Still have no luck.

cPanel.net Support Ticket Number:
 
rpmws

rpmws

Well-Known Member
Aug 14, 2001
1,787
10
318
back woods of NC, USA
Originally posted by ialex03
I have strange problem with CPanel server.
There is no files
/var/log/messages and
/var/log/secure

Syslog is configured correctly, syslog restart and reboot doesn't help and there is enough free space at /var/log

Where is the problem may be?

Thank you for any advise.
Click to expand...
have you run chkrootkit ?

cPanel.net Support Ticket Number:
 
I

ialex03

Well-Known Member
May 15, 2003
56
0
156
I've just have run chkrootkit. One strange thing is:

Checking `bindshell'... INFECTED (PORTS: 465 1524 31337)
Click to expand...
Port 465 warning is usual for CPanel, as I know, but 1524 and 31337 .. is very strange.

Another strange thing is:

Checking `scalper'... Warning: Possible Scalper Worm installed
Click to expand...
./chkrootkit -x scalper
ROOTDIR is `/'
Warning: Possible Scalper Worm installed
Click to expand...
I have no idea what to do with it at the moment. Will investigate, but, maybe somebody already has experience and some free minutes to point me to the correct way.

cPanel.net Support Ticket Number:
 
rpmws

rpmws

Well-Known Member
Aug 14, 2001
1,787
10
318
back woods of NC, USA
Relax a bit :)

465 bindshell I think is normal. I get that also. and I saw the scalper warning before and then I upgraded to latest chkrootkit and found that was it. Try that.

cPanel.net Support Ticket Number:
 
I

ialex03

Well-Known Member
May 15, 2003
56
0
156
I am happy that my server is not hacked (possibly, but I do want to beleive it :) )

But the main problem that forced me to open this thread still exists. For some strange reason my main logs (messages and secure) don't work.

Did anybody experienced similar problems?

cPanel.net Support Ticket Number:
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A In Progress CPANEL-41714 - Physical Disks information missing in Server Information Server Management 8
P Missing /var/cpanel/users/system file. Cannot create reseller account without associated domain Server Management 9
B Why is Marketplace missing under Server Configuration? Server Management 7
S AutoSSL is very slow and missing certificates Server Management 10
JIKOmetrix SOLVED Kernel conflicts on OVH servers due to missing exclude line in /etc/yum.repos.d/OVH-kernel.repo Server Management 29
Similar threads
In Progress CPANEL-41714 - Physical Disks information missing in Server Information
Missing /var/cpanel/users/system file. Cannot create reseller account without associated domain
Why is Marketplace missing under Server Configuration?
AutoSSL is very slow and missing certificates
SOLVED Kernel conflicts on OVH servers due to missing exclude line in /etc/yum.repos.d/OVH-kernel.repo
Top Bottom