Je reçois cette alerte “logwatch” depuis deux jours :
[code]--------------------- EXIM Begin ------------------------
***** BAD FORMAT (Possible data corruption or Exim bug) *****
€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€2014-03-26 12:16:02 exim 4.82 daemon started: pid=2778, -q30m, listening for SMTP on [127.0.0.1]:25
---------------------- EXIM End -------------------------
[/code]
Les ‘€’ sur 4 ou 5 lignes au total
Attaque ?
Log de “messages” à l’heure en question :
[mono]ordibureau kernel: [ 9.330349] type=1006 audit(1395832562.786:2): pid=2945 uid=0 old auid=4294967295 new auid=1000 old ses=4294967295 new ses=1 res=1[/mono]
Log exim4/mainlog3.gz :
[mono]€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€€ … etc.
2014-03-26 12:16:02 Start queue run: pid=2781
2014-03-26 12:16:02 End queue run: pid=2781[/mono]