Posted: 2009/08/17 03:23:38
by jambroo

Services on our centos 4.7 server have been playing up today. I first logged in because our calendar sharing service was not working and found that /var/log/messages and other logs were blank. I thought that was a bit weird and then saw that the syslogd service was not on..

I thought it was strange for that to be stopped and thought maybe someone had hacked in and disabled logging to cover their tracks. I have only enabled ssh access from specific trusted IPs so I am hoping this is not the case.

Our bind service then crashed with this log entry in messages:
[code]Aug 17 12:11:17 www named: failed[/code]

It restarted itself but i noticed around the same time our mail service had stopped. There was no log entry for that, though.

Is there anything you can suggest I do - i am watching the /var/log/messages file closely and have changed the root password.


Posted: 2009/08/19 09:36:18
by ben29
look on named you have yo enable the debug:
[code]named -d 3 [/code]
so if you reload or restart the named services
he open some with the name
on root dir.
so on this file you can see all the erros.