Chinaunix首页 | 论坛 | 博客
  • 博客访问: 847941
  • 博文数量: 756
  • 博客积分: 40000
  • 博客等级: 大将
  • 技术积分: 4980
  • 用 户 组: 普通用户
  • 注册时间: 2008-10-13 14:40
文章分类

全部博文(756)

文章存档

2011年(1)

2008年(755)

我的朋友

分类:

2008-10-13 14:40:21

服务器安装的是RedHat Linux AS4 ,服务器只开了22,21,3306,80端口,一开始运行挺正常的,不过9号2点和今天2点,服务器都DOWN机了,网络不通,SSH也连接不上,不知是什么原因,急死了:(

求救高手指点!不胜感谢。

附:IPtables配置:
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8090 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

其中8090是apache端口,不过现在已经不用了。80是开给tomcat用的。      
--------------------next---------------------
附:9号的日志:

Jul  9 04:02:37 localhost syslogd 1.4.1: restart.
Jul  9 04:02:42 localhost kernel: audit(1152388962.335:0): avc:  denied  { write } for  pid=27354 exe=/usr/sbin/httpd name=mibs dev=dm-0 ino=4114959 scontext=root:system_r:httpd_t tcontext=system_ubject_r:usr_t tclass=dir
Jul  9 04:02:47 localhost crond(pam_unix)[3579]: session closed for user root
Jul  9 04:05:01 localhost crond(pam_unix)[4193]: session opened for user root by (uid=0)
Jul  9 04:05:02 localhost crond(pam_unix)[4193]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session closed for user root
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session opened for user root by (uid=0)
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session closed for user root
Jul  9 04:20:01 localhost crond(pam_unix)[4202]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session closed for user root
Jul  9 04:20:02 localhost crond(pam_unix)[4202]: session closed for user root
Jul  9 04:22:01 localhost crond(pam_unix)[4209]: session opened for user root by (uid=0)
Jul  9 04:24:45 localhost crond(pam_unix)[4209]: session closed for user root
Jul  9 04:25:01 localhost crond(pam_unix)[7157]: session opened for user root by (uid=0)
Jul  9 04:25:02 localhost crond(pam_unix)[7157]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session closed for user root
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session opened for user root by (uid=0)
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session closed for user root
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session opened for user root by (uid=0)
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session closed for user root
Jul  9 04:50:01 localhost crond(pam_unix)[7178]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session closed for user root
Jul  9 04:50:02 localhost crond(pam_unix)[7178]: session closed for user root
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session opened for user root by (uid=0)
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session closed for user root
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session opened for user root by (uid=0)
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session closed for user root
Jul  9 05:05:01 localhost crond(pam_unix)[7200]: session opened for user root by (uid=0)
Jul  9 05:05:02 localhost crond(pam_unix)[7200]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session closed for user root
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session opened for user root by (uid=0)
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session closed for user root
Jul  9 05:20:01 localhost crond(pam_unix)[7209]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session closed for user root
Jul  9 05:20:02 localhost crond(pam_unix)[7209]: session closed for user root
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session opened for user root by (uid=0)
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session closed for user root
Jul  9 05:35:01 localhost crond(pam_unix)[7221]: session opened for user root by (uid=0)
Jul  9 05:35:02 localhost crond(pam_unix)[7221]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session closed for user root
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session opened for user root by (uid=0)
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session closed for user root
Jul  9 05:50:01 localhost crond(pam_unix)[7232]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session closed for user root
Jul  9 05:50:02 localhost crond(pam_unix)[7232]: session closed for user root
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session opened for user root by (uid=0)
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session closed for user root
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session opened for user root by (uid=0)
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session closed for user root
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session opened for user root by (uid=0)
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session closed for user root
Jul  9 06:10:01 localhost crond(pam_unix)[7256]: session opened for user root by (uid=0)
Jul  9 06:10:01 localhost crond(pam_unix)[7258]: session opened for user root by (uid=0)
Jul  9 06:10:02 localhost crond(pam_unix)[7258]: session closed for user root
Jul  9 06:10:02 localhost crond(pam_unix)[7256]: session closed for user root
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session opened for user root by (uid=0)
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session closed for user root
Jul  9 06:20:01 localhost crond(pam_unix)[7263]: session opened for user root by (uid=0)
Jul  9 09:13:25 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:13:28 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 09:55:04 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:55:05 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 10:40:07 localhost sshd(pam_unix)[7663]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=cyrus
Jul  9 10:40:11 localhost unix_chkpwd[7667]: check pass; user unknown
Jul  9 10:40:11 localhost sshd(pam_unix)[7665]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:14 localhost unix_chkpwd[7670]: check pass; user unknown
Jul  9 10:40:14 localhost sshd(pam_unix)[7668]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:18 localhost sshd(pam_unix)[7671]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=ftp
Jul  9 10:40:22 localhost unix_chkpwd[7675]: check pass; user unknown
Jul  9 10:40:22 localhost sshd(pam_unix)[7673]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:26 localhost unix_chkpwd[7678]: check pass; user unknown
Jul  9 10:40:26 localhost sshd(pam_unix)[7676]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:30 localhost unix_chkpwd[7681]: check pass; user unknown
Jul  9 10:40:30 localhost sshd(pam_unix)[7679]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:34 localhost sshd(pam_unix)[7682]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postfix
Jul  9 10:40:37 localhost sshd(pam_unix)[7684]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postgres
Jul  9 10:40:41 localhost unix_chkpwd[7688]: check pass; user unknown
这是一部分,      
--------------------next---------------------
附:9号2点左右DOWN机时的日志
Jul 9 13:44:00 localhost sshd(pam_unix)[9610]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:05 localhost unix_chkpwd[9615]: check pass; user unknown
Jul 9 13:44:05 localhost sshd(pam_unix)[9613]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:11 localhost unix_chkpwd[9618]: check pass; user unknown
Jul 9 13:44:11 localhost sshd(pam_unix)[9616]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:16 localhost unix_chkpwd[9621]: check pass; user unknown
Jul 9 13:44:16 localhost sshd(pam_unix)[9619]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:21 localhost unix_chkpwd[9624]: check pass; user unknown
Jul 9 13:44:21 localhost sshd(pam_unix)[9622]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:26 localhost unix_chkpwd[9627]: check pass; user unknown
Jul 9 13:44:26 localhost sshd(pam_unix)[9625]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:31 localhost unix_chkpwd[9630]: check pass; user unknown
Jul 9 13:44:31 localhost sshd(pam_unix)[9628]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:45:01 localhost crond(pam_unix)[9631]: session opened for user root by (uid=0)
Jul 9 13:45:02 localhost crond(pam_unix)[9631]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session closed for user root
Jul 9 13:55:01 localhost crond(pam_unix)[9641]: session opened for user root by (uid=0)
Jul 9 13:55:02 localhost crond(pam_unix)[9641]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session closed for user root
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session opened for user root by (uid=0)
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session closed for user root
Jul 9 14:03:19 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session opened for user root by (uid=0)
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session closed for user root
Jul 9 14:10:01 localhost crond(pam_unix)[9660]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session closed for user root
Jul 9 14:10:02 localhost crond(pam_unix)[9660]: session closed for user root
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session opened for user root by (uid=0)
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session closed for user root
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session opened for user root by (uid=0)
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session closed for user root
Jul 9 14:30:01 localhost crond(pam_unix)[9674]: session opened for user root by (uid=0)
Jul 9 14:30:01 localhost crond(pam_unix)[9676]: session opened for user root by (uid=0)
Jul 9 14:30:02 localhost crond(pam_unix)[9676]: session closed for user root
Jul 9 14:30:02 localhost crond(pam_unix)[9674]: session closed for user root
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session opened for user root by (uid=0)
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session closed for user root
Jul 9 14:41:38 localhost shutdown: shutting down for system halt
Jul 9 14:41:38 localhost init: Switching to runlevel: 0
Jul 9 14:41:40 localhost cups-config-daemon: cups-config-daemon -TERM succeeded
Jul 9 14:41:40 localhost haldaemon: haldaemon -TERM succeeded
Jul 9 14:41:40 localhost messagebus: messagebus -TERM succeeded
Jul 9 14:41:40 localhost dbus: avc: 3 AV entries and 3/512 buckets used, longest chain length 1
Jul 9 14:41:41 localhost gpm[2381]: *** info [mice.c(1766)]:
Jul 9 14:41:41 localhost gpm[2381]: imps2: Auto-detected intellimouse PS/2
Jul 9 14:41:42 localhost atd: atd shutdown succeeded
Jul 9 14:41:42 localhost cups: cupsd shutdown succeeded
Jul 9 14:41:42 localhost xfs[2486]: terminating
Jul 9 14:41:42 localhost xfs: xfs shutdown succeeded      
--------------------next---------------------

阅读(447) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~