Hi there, I'm knew to the program called logchecker and today i got following message:
kai-router 2003/05/15 23:02 ACTIVE SYSTEM ATTACK! Cleaned rules files exist in /var/lib/logcheck/cleaned directory that cannot be removed. This may be an attempt to spoof the log checker. i don't understand what this message means. and i dont fing good how-to's, documentations or stuff like this about warnings caused by logcheck there are some other suspicious (to me) log entries: May 15 09:25:46 kai-router pppoe[180]: Bogus PPPoE length field (1262) May 15 09:27:25 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:27:33 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:27:33 kai-router pppoe[180]: Bogus PPPoE length field (48) May 15 09:27:33 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:27:33 kai-router pppoe[180]: Bogus PPPoE length field (48) May 15 09:28:37 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:28:39 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:29:42 kai-router pppoe[180]: Bogus PPPoE length field (50) May 15 09:36:45 kai-router pppoe[180]: Bogus PPPoE length field (623) May 15 09:36:48 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:37:07 kai-router pppoe[180]: Bogus PPPoE length field (111) May 15 09:47:18 kai-router pppoe[180]: Bogus PPPoE length field (172) i get them day by day, since a week or so. I use a adsl connection. so my final question "have i been hacked" ??? yours Andreas Vitz
