similar to: Processed: reopen

Package: logcheck Version: 1.2.69 Severity: normal In the file /etc/logcheck/ignore.d.server/wu-ftpd ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ should be ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd\[[0-9]{4}\]: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ There is a number after "wu-ftpd" -- System

Package: logcheck-database Version: 1.2.61 Severity: wishlist File: /etc/logcheck/ignore.d.server/proftpd Two weeks ago, I got a rush of these: Sep 8 12:37:07 goretex proftpd: PAM-listfile: Refused user news for service proftpd (Apparently, fail2ban managed to miss those.) This is triggered by pam_listfile, which is used by proftpd (and other FTP daemons) to block users listed in

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch After upgrading to debian squeeze I get several messages a day in the form of: Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0 This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0

Package: logcheck-database Version: 1.3.13 Severity: normal The rule for SSH ignoring "Bad protocol version identification" assumes there are no single quotes inside the version string ('[^']'). I am however getting mails including those lines: Mar 25 22:57:04 Debian-60-squeeze-64-minimal sshd[12144]: Bad protocol version identification

Package: logcheck-database Version: 1.3.8 Severity: wishlist HI, can you please create a rule/some rules for amavis(d-new). I get for every mail this mesage: May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \ <aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \ Hits:

Package: logcheck Version: 1.2.34 Severity: normal the patterns for pure-ftpd in ignore.d.server are not matching a user with a trailing whitespace. here a some examples: Feb 18 13:02:33 web1 pure-ftpd: (stupid-pure-ftpd @84.56.131.73) [NOTICE] /example/example.txt downloaded (5908 bytes, 152196.03KB/sec) Feb 18 13:16:14 web1 pure-ftpd: (stupid-pure-ftpd @84.56.131.73) [INFO] Logout. every

Processing commands for control at bugs.debian.org: > reopen 212146 Bug#212146: logcheck: please consider changing sort algorithm Bug reopened, originator not changed. > reopen 212149 Bug#212149: logcheck: please consider defining DATE and HOSTNAME macros for use in rule files Bug reopened, originator not changed. > merge 212149 174331 Bug#174331: logcheck: propose support for macros

Processing commands for control at bugs.debian.org: > reopen 412379 Bug#412379: logcheck-database: something for avahi? Bug reopened, originator not changed. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)

-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Security problems in WU-FTPD Advisory ID: RHSA-1999:043-01 Issue date: 1999-10-21 Updated on: Keywords: wu-ftp security remote exploit Cross references: - --------------------------------------------------------------------- 1. Topic:

Dear logcheck Team, sorry for choosing the direct contact I don't know if it's the correct way. I am using logcheck on a webserver where pureftp is installed for upload of content. Logcheck is working fine except for one ignore.d rule regarding the logout messages from pureftp. Logcheck is reporting lots (an I mean lots) of messages from the following type: Feb 5 06:02:45 web1

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: screen defaults to not using Unix98 ptys Advisory ID: RHSA-1999:042-01 Issue date: 1999-10-20 Updated on: Keywords: Cross references: screen unix98 pty permissions --------------------------------------------------------------------- 1. Topic: Screen uses ptys with world

<nitpickyness> To avoid possible confusion, shouldn't this be named logcheck-pureftpd, or logcheck-pure-ftpd (instead of logcheck-pureftp)? Or is there a reason (that I've missed) it's this way? </nitpickyness> -j -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Security problems in WU-FTPD Advisory ID: RHSA-1999:043-01 Issue date: 1999-10-21 Updated on: Keywords: wu-ftp security remote exploit Cross references: --------------------------------------------------------------------- 1. Topic: Various computer security groups have

Processing commands for control at bugs.debian.org: > ## dear clint. > ## > ## release goals are release goals and not release blockers. > ## please learn the difference and discuss this beforehand. > ## > ## thanks. > ## > > severity 382189 serious > ## > Bug #382189 [nbd-server] no IPv6 support > ## > Severity set to 'serious' from

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:03 Security Advisory FreeBSD, Inc. Topic: Three ftp daemons in ports vulnerable to attack. Category: ports Module: wu-ftpd and proftpd

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: remote root exploit (SITE EXEC) fixed Advisory ID: RHSA-2000:039-02 Issue date: 2000-06-23 Updated on: 2000-06-23 Product: Red Hat Linux Keywords: wu-ftpd, root exploit, site exec, buffer overrun Cross references: N/A

The instructions in RHSA-2000:037-01 (2.2.16 kernel update) tell you: 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. These instructions are incomplete and may result in a system that is unbootable. After updating the RPM files, you should also: (1) run mkinitrd to create a new initial ramdisk image

Processing commands for control at bugs.debian.org: > reassign 583155 logcheck Bug #583155 {Done: Hannes von Haugwitz <hannes at vonhaugwitz.com>} [amavisd-new] logcheck-database: Please create rules for amavis(d-new) Bug #590965 {Done: Hannes von Haugwitz <hannes at vonhaugwitz.com>} [amavisd-new] amavisd-new: Please reprovide logcheck rules Bug reassigned from package

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.9.20 > package logcheck logcheck-database logtail Ignoring bugs not assigned to: logcheck-database logtail logcheck > tags 354820 + pending Bug#354820: rules to filter out entries caused by ssh scanners Tags were: patch Tags added: pending > tags 355085 + pending

Hi! I'm kind new to linux, I just got my server with CentOS 3.1 installed I'm trying to install a ftp server to upload files, but the wu-ftpd 2.6.2 doesn't work with autoconfigure nor with ./build lnx ./build install got error missing bin/ftpd can you tell me step by step howto install o should I user another ftp server... thanks for your help Fernando