Sep 4 04:02:16 hal syslogd 1.4.1: restart.
Sep 4 04:02:16 hal syslogd 1.4.1: restart.
Sep 4 06:01:26 hal snort[2592]: INFO => [Alert_FWsam] Had to use initial key!
Sep 4 06:01:26 hal snort[2592]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Sep 4 23:57:17 hal shutdown: shutting down for system halt
Sep 4 23:57:17 hal init: Switching to runlevel: 0
Sep 4 23:57:23 hal suvad: Stopping suvad:
Sep 4 23:57:23 hal suvad: succeeded
Sep 4 23:57:23 hal suvad:
Sep 4 23:57:23 hal suvad:
Sep 4 23:57:23 hal rc: Stopping suvad: succeeded
Sep 4 23:57:23 hal syswatch: syswatch shutdown succeeded
Sep 4 23:57:23 hal saslauthd[2447]: server_exit : master exited: 2447
Sep 4 23:57:24 hal saslauthd: saslauthd shutdown succeeded
Sep 4 23:57:24 hal gpm: gpm shutdown succeeded
Sep 4 23:57:24 hal sshd: sshd shutdown succeeded
Sep 4 23:57:24 hal squeezeboxserver: squeezeboxserver shutdown failed
Sep 4 23:57:25 hal smb: smbd shutdown succeeded
Sep 4 23:57:26 hal smb: nmbd shutdown succeeded
Sep 4 23:57:29 hal mysqld: Stopping MySQL: succeeded
Sep 4 23:57:29 hal webconfig: webconfig shutdown succeeded
Sep 4 23:57:29 hal acpid: acpid shutdown succeeded
Sep 4 23:57:30 hal crond: crond shutdown succeeded
Sep 4 23:57:31 hal ldap: slapd shutdown succeeded
Sep 4 23:57:31 hal ldap: slurpd shutdown succeeded
Sep 4 23:57:31 hal kolabd[2459]: Kolab is shutting down
Sep 4 23:57:31 hal kolabd: kolabd shutdown succeeded
Sep 4 23:57:31 hal kernel: Kernel logging (proc) stopped.
Sep 4 23:57:31 hal kernel: Kernel log daemon terminating.
Sep 4 23:57:33 hal syslog: klogd shutdown succeeded
Sep 4 23:57:33 hal exiting on signal 15
Sep 5 07:38:01 hal syslogd 1.4.1: restart.
Sep 5 07:38:01 hal syslog: syslogd startup succeeded
Sep 5 07:38:01 hal kernel: klogd 1.4.1, log source = /proc/kmsg started.
Sep 5 07:38:01 hal syslog: klogd startup succeeded
Sep 5 07:38:01 hal kernel: Inspecting /boot/System.map-2.6.18-53.1.13.2.cc
Sep 5 07:38:01 hal kernel: Loaded 31104 symbols from /boot/System.map-2.6.18-53.1.13.2.cc.
Sep 5 07:38:01 hal kernel: Symbols match kernel version 2.6.18.
Sep 5 07:38:01 hal kernel: No module symbols loaded - kernel modules not enabled.
Sep 5 07:38:01 hal kernel: Linux version 2.6.18-53.1.13.2.cc (darryl@cc4devel.lan) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-8)) #1 SMP Wed Feb 27 18:26:42 EST 2008
Sep 5 07:38:01 hal kernel: BIOS-provided physical RAM map:
Sep 5 07:38:01 hal kernel: BIOS-e820: 0000000000000000 - 000000000009f800 (usable)
Sep 5 07:38:01 hal kernel: BIOS-e820: 000000000009f800 - 00000000000a0000 (reserved)
Sep 5 07:38:01 hal kernel: BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
Sep 5 07:38:01 hal kernel: BIOS-e820: 0000000000100000 - 000000003bff0000 (usable)
Sep 5 07:38:01 hal kernel: BIOS-e820: 000000003bff0000 - 000000003bff3000 (ACPI NVS)
Sep 5 07:38:01 hal kernel: BIOS-e820: 000000003bff3000 - 000000003c000000 (ACPI data)
Sep 5 07:38:01 hal kernel: BIOS-e820: 00000000fec00000 - 00000000fec01000 (reserved)
Sep 5 07:38:01 hal kernel: BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved)
Sep 5 07:38:01 hal kernel: BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved)
Sep 5 07:38:01 hal kernel: 63MB HIGHMEM available.
Sep 5 07:38:01 hal kernel: 896MB LOWMEM available.
Sep 5 07:38:01 hal kernel: found SMP MP-table at 000f3800
Sep 5 07:38:01 hal kernel: Memory for crash kernel (0x0 to 0x0) notwithin permissible range
Sep 5 07:38:01 hal kernel: disabling kdump
Sep 5 07:38:01 hal kernel: Using x86 segment limits to approximate NX protection
Sep 5 07:38:01 hal kernel: DMI 2.3 present.
Sep 5 07:38:01 hal kernel: Using APIC driver default
Sep 5 07:38:01 hal kernel: ACPI: acpi=force override
Sep 5 07:38:01 hal kernel: ACPI: PM-Timer IO Port: 0x408
Sep 5 07:38:01 hal kernel: ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
Sep 5 07:38:01 hal kernel: Processor #0 6:10 APIC version 20
Sep 5 07:38:01 hal kernel: ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1])
Sep 5 07:38:01 hal kernel: ACPI: IOAPIC (id[0x02] address[0xfec00000] gsi_base[0])
Sep 5 07:38:01 hal kernel: IOAPIC[0]: apic_id 2, version 3, address 0xfec00000, GSI 0-23
Sep 5 07:38:01 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
Sep 5 07:38:01 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level)
Sep 5 07:38:01 hal kernel: Enabling APIC mode: Flat. Using 1 I/O APICs
Sep 5 07:38:01 hal kernel: Using ACPI (MADT) for SMP configuration information
Sep 5 07:38:01 hal kernel: Allocating PCI resources starting at 40000000 (gap: 3c000000:c2c00000)
Sep 5 07:38:01 hal kernel: Detected 1197.100 MHz processor.
Sep 5 07:38:01 hal kernel: Built 1 zonelists. Total pages: 245744
Sep 5 07:38:01 hal kernel: Kernel command line: ro root=/dev/VolGroup00/LogVol00 video=vga16fb vga=771 acpi=force
Sep 5 07:38:01 hal kernel: Enabling fast FPU save and restore... done.
Sep 5 07:38:01 hal kernel: Enabling unmasked SIMD FPU exception support... done.
Sep 5 07:38:01 hal kernel: Initializing CPU#0
Sep 5 07:38:01 hal kernel: CPU 0 irqstacks, hard=c0765000 soft=c0745000
Sep 5 07:38:01 hal kernel: PID hash table entries: 4096 (order: 12, 16384 bytes)
Sep 5 07:38:01 hal kernel: Console: colour dummy device 80x25
Sep 5 07:38:01 hal kernel: Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Sep 5 07:38:01 hal kernel: Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
Sep 5 07:38:01 hal kernel: Memory: 968908k/982976k available (2163k kernel code, 13460k reserved, 915k data, 228k init, 65472k highmem)
Sep 5 07:38:01 hal kernel: Checking if this processor honours the WP bit even in supervisor mode... Ok.
Sep 5 07:38:01 hal kernel: Calibrating delay using timer specific routine.. 2395.97 BogoMIPS (lpj=1197988)
Sep 5 07:38:01 hal kernel: Security Framework v1.0.0 initialized
Sep 5 07:38:01 hal kernel: SELinux: Initializing.
Sep 5 07:38:01 hal kernel: selinux_register_security: Registering secondary module capability
Sep 5 07:38:01 hal kernel: Capability LSM initialized as secondary
Sep 5 07:38:01 hal kernel: Mount-cache hash table entries: 512
Sep 5 07:38:01 hal kernel: CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line)
Sep 5 07:38:01 hal kernel: CPU: L2 Cache: 128K (64 bytes/line)
Sep 5 07:38:01 hal kernel: Checking 'hlt' instruction... OK.
Sep 5 07:38:01 hal kernel: SMP alternatives: switching to UP code
Sep 5 07:38:01 hal kernel: Freeing SMP alternatives: 14k freed
Sep 5 07:38:01 hal kernel: ACPI: Core revision 20060707
Sep 5 07:38:01 hal kernel: CPU0: Centaur VIA Esther processor 1200MHz stepping 09
Sep 5 07:38:01 hal kernel: Total of 1 processors activated (2395.97 BogoMIPS).
Sep 5 07:38:01 hal kernel: ENABLING IO-APIC IRQs
Sep 5 07:38:01 hal kernel: ..TIMER: vector=0x31 apic1=0 pin1=2 apic2=-1 pin2=-1
Sep 5 07:38:01 hal kernel: Brought up 1 CPUs
Sep 5 07:38:01 hal kernel: checking if image is initramfs... it is
Sep 5 07:38:01 hal kernel: Freeing initrd memory: 913k freed
Sep 5 07:38:01 hal kernel: NET: Registered protocol family 16
Sep 5 07:38:01 hal kernel: ACPI: bus type pci registered
Sep 5 07:38:01 hal kernel: PCI: PCI BIOS revision 2.10 entry at 0xf93b0, last bus=1
Sep 5 07:38:01 hal kernel: PCI: Using configuration type 1
Sep 5 07:38:01 hal kernel: Setting up standard PCI resources
Sep 5 07:38:01 hal kernel: ACPI: Interpreter enabled
Sep 5 07:38:01 hal kernel: ACPI: Using IOAPIC for interrupt routing
Sep 5 07:38:01 hal kernel: ACPI: PCI Root Bridge [PCI0] (0000:00)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKA] (IRQs 3 4 6 7 10 11 12) *5
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKB] (IRQs 3 4 6 7 10 *11 12)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKC] (IRQs 3 4 6 7 *10 11 12)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKD] (IRQs 3 4 6 7 10 11 12) *0, disabled.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKE] (IRQs 3 4 6 7 10 11 12) *0, disabled.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNKF] (IRQs 3 4 6 7 10 11 12) *0, disabled.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNK0] (IRQs 3 4 6 7 10 11 12) *0, disabled.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [LNK1] (IRQs 3 4 6 7 10 11 12) *0, disabled.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKA] (IRQs *20)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKB] (IRQs *21)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKC] (IRQs *22)
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKD] (IRQs *23), disabled.
Sep 5 07:38:01 hal kernel: Linux Plug and Play Support v0.97 (c) Adam Belay
Sep 5 07:38:01 hal kernel: pnp: PnP ACPI init
Sep 5 07:38:01 hal kernel: pnp: PnP ACPI: found 10 devices
Sep 5 07:38:01 hal kernel: usbcore: registered new driver usbfs
Sep 5 07:38:01 hal kernel: usbcore: registered new driver hub
Sep 5 07:38:01 hal kernel: PCI: Using ACPI for IRQ routing
Sep 5 07:38:01 hal kernel: PCI: If a device doesn't work, try "pci=routeirq". If it helps, post a report
Sep 5 07:38:01 hal kernel: NetLabel: Initializing
Sep 5 07:38:01 hal kernel: NetLabel: domain hash size = 128
Sep 5 07:38:01 hal kernel: NetLabel: protocols = UNLABELED CIPSOv4
Sep 5 07:38:01 hal kernel: NetLabel: unlabeled traffic allowed by default
Sep 5 07:38:01 hal kernel: pnp: 00:02: ioport range 0x400-0x47f could not be reserved
Sep 5 07:38:01 hal kernel: pnp: 00:02: ioport range 0x500-0x50f has been reserved
Sep 5 07:38:01 hal kernel: PCI: Bridge: 0000:00:01.0
Sep 5 07:38:01 hal kernel: IO window: b000-bfff
Sep 5 07:38:01 hal kernel: MEM window: fb000000-fcffffff
Sep 5 07:38:01 hal kernel: PREFETCH window: f4000000-f7ffffff
Sep 5 07:38:01 hal kernel: NET: Registered protocol family 2
Sep 5 07:38:01 hal kernel: IP route cache hash table entries: 32768 (order: 5, 131072 bytes)
Sep 5 07:38:01 hal kernel: TCP established hash table entries: 131072 (order: 8, 1048576 bytes)
Sep 5 07:38:01 hal kernel: TCP bind hash table entries: 65536 (order: 7, 524288 bytes)
Sep 5 07:38:01 hal kernel: TCP: Hash tables configured (established 131072 bind 65536)
Sep 5 07:38:01 hal kernel: TCP reno registered
Sep 5 07:38:01 hal kernel: apm: BIOS version 1.2 Flags 0x07 (Driver version 1.16ac)
Sep 5 07:38:01 hal kernel: apm: overridden by ACPI.
Sep 5 07:38:01 hal kernel: audit: initializing netlink socket (disabled)
Sep 5 07:38:01 hal kernel: audit(1252136224.843:1): initialized
Sep 5 07:38:01 hal kernel: highmem bounce pool size: 64 pages
Sep 5 07:38:01 hal kernel: Total HugeTLB memory allocated, 0
Sep 5 07:38:01 hal kernel: VFS: Disk quotas dquot_6.5.1
Sep 5 07:38:01 hal kernel: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
Sep 5 07:38:01 hal kernel: Initializing Cryptographic API
Sep 5 07:38:01 hal kernel: ksign: Installing public key data
Sep 5 07:38:01 hal kernel: Loading keyring
Sep 5 07:38:01 hal kernel: io scheduler noop registered
Sep 5 07:38:01 hal kernel: io scheduler anticipatory registered
Sep 5 07:38:01 hal kernel: io scheduler deadline registered
Sep 5 07:38:01 hal kernel: io scheduler cfq registered (default)
Sep 5 07:38:01 hal kernel: PCI: Bypassing VIA 8237 APIC De-Assert Message
Sep 5 07:38:01 hal kernel: pci_hotplug: PCI Hot Plug PCI Core version: 0.5
Sep 5 07:38:01 hal kernel: vesafb: framebuffer at 0xf4000000, mapped to 0xf8880000, using 937k, total 65536k
Sep 5 07:38:01 hal kernel: vesafb: mode is 800x600x8, linelength=800, pages=127
Sep 5 07:38:01 hal kernel: vesafb: protected mode interface info at c000:aa5e
Sep 5 07:38:01 hal kernel: vesafb: pmi: set display start = c00caaac, set palette = c00cab1d
Sep 5 07:38:01 hal kernel: vesafb: scrolling: redraw
Sep 5 07:38:01 hal kernel: vesafb: Pseudocolor: size=8:8:8:8, shift=0:0:0:0
Sep 5 07:38:01 hal kernel: Console: switching to colour frame buffer device 100x37
Sep 5 07:38:01 hal kernel: fb0: VESA VGA frame buffer device
Sep 5 07:38:01 hal kernel: ACPI: Fan [FAN] (on)
Sep 5 07:38:01 hal kernel: ACPI: CPU0 (power states: C1[C1] C2[C2] C3[C3])
Sep 5 07:38:01 hal kernel: ACPI: Processor [CPU0] (supports 2 throttling states)
Sep 5 07:38:01 hal kernel: ACPI: Thermal Zone [THRM] (28 C)
Sep 5 07:38:01 hal kernel: isapnp: Scanning for PnP cards...
Sep 5 07:38:01 hal kernel: isapnp: No Plug & Play device found
Sep 5 07:38:01 hal kernel: Real Time Clock Driver v1.12ac
Sep 5 07:38:01 hal kernel: Non-volatile memory driver v1.2
Sep 5 07:38:01 hal kernel: Linux agpgart interface v0.101 (c) Dave Jones
Sep 5 07:38:01 hal kernel: agpgart: Detected VIA P4M800CE chipset
Sep 5 07:38:01 hal kernel: agpgart: AGP aperture is 128M @ 0xe8000000
Sep 5 07:38:01 hal kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing enabled
Sep 5 07:38:01 hal kernel: serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
Sep 5 07:38:01 hal kernel: serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
Sep 5 07:38:01 hal kernel: 00:08: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
Sep 5 07:38:01 hal kernel: 00:09: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
Sep 5 07:38:01 hal kernel: Floppy drive(s): fd0 is unknown type 15 (usb?), fd1 is unknown type 15 (usb?)
Sep 5 07:38:01 hal kernel: floppy0: no floppy controllers found
Sep 5 07:38:01 hal kernel: RAMDISK driver initialized: 16 RAM disks of 16384K size 4096 blocksize
Sep 5 07:38:01 hal kernel: Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
Sep 5 07:38:01 hal kernel: ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
Sep 5 07:38:01 hal kernel: VP_IDE: IDE controller at PCI slot 0000:00:0f.1
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKA] enabled at IRQ 20
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:0f.1[A] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169
Sep 5 07:38:01 hal kernel: PCI: VIA IRQ fixup for 0000:00:0f.1, from 255 to 9
Sep 5 07:38:01 hal kernel: VP_IDE: chipset revision 6
Sep 5 07:38:01 hal kernel: VP_IDE: not 100% native mode: will probe irqs later
Sep 5 07:38:01 hal kernel: VP_IDE: VIA vt8237 (rev 00) IDE UDMA133 controller on pci0000:00:0f.1
Sep 5 07:38:01 hal kernel: ide0: BM-DMA at 0xdc00-0xdc07, BIOS settings: hda:DMA, hdb:DMA
Sep 5 07:38:01 hal kernel: ide1: BM-DMA at 0xdc08-0xdc0f, BIOS settings: hdc:pio, hdd:pio
Sep 5 07:38:01 hal kernel: hda: MC8GE08G5MPP, ATA DISK drive
Sep 5 07:38:01 hal kernel: hdb: TSSTcorpDVD-ROM SH-D162D, ATAPI CD/DVD-ROM drive
Sep 5 07:38:01 hal kernel: ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
Sep 5 07:38:01 hal kernel: hda: max request size: 128KiB
Sep 5 07:38:01 hal kernel: hda: 15649200 sectors (8012 MB), CHS=15525/16/63, UDMA(66)
Sep 5 07:38:01 hal kernel: hda: cache flushes supported
Sep 5 07:38:01 hal kernel: hda: hda1 hda2
Sep 5 07:38:01 hal kernel: ide-floppy driver 0.99.newide
Sep 5 07:38:01 hal kernel: usbcore: registered new driver hiddev
Sep 5 07:38:01 hal kernel: usbcore: registered new driver usbhid
Sep 5 07:38:01 hal kernel: drivers/usb/input/hid-core.c: v2.6:USB HID core driver
Sep 5 07:38:01 hal kernel: PNP: No PS/2 controller found. Probing ports directly.
Sep 5 07:38:01 hal kernel: serio: i8042 KBD port at 0x60,0x64 irq 1
Sep 5 07:38:01 hal kernel: mice: PS/2 mouse device common for all mice
Sep 5 07:38:01 hal kernel: md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27
Sep 5 07:38:01 hal kernel: md: bitmap version 4.39
Sep 5 07:38:01 hal kernel: TCP bic registered
Sep 5 07:38:01 hal kernel: Initializing IPsec netlink socket
Sep 5 07:38:01 hal kernel: NET: Registered protocol family 1
Sep 5 07:38:01 hal kernel: NET: Registered protocol family 17
Sep 5 07:38:01 hal kernel: Using IPI No-Shortcut mode
Sep 5 07:38:01 hal kernel: ACPI: (supports S0 S3 S4 S5)
Sep 5 07:38:01 hal kernel: Time: tsc clocksource has been installed.
Sep 5 07:38:01 hal kernel: Freeing unused kernel memory: 228k freed
Sep 5 07:38:01 hal kernel: Time: acpi_pm clocksource has been installed.
Sep 5 07:38:01 hal kernel: Write protecting the kernel read-only data: 386k
Sep 5 07:38:01 hal kernel: SCSI subsystem initialized
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:0f.0[B] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169
Sep 5 07:38:01 hal kernel: sata_via 0000:00:0f.0: routed to hard irq line 11
Sep 5 07:38:01 hal kernel: scsi0 : sata_via
Sep 5 07:38:01 hal kernel: scsi1 : sata_via
Sep 5 07:38:01 hal kernel: ata1: SATA max UDMA/133 cmd 0x0001f400 ctl 0x0001f002 bmdma 0x0001e400 irq 169
Sep 5 07:38:01 hal kernel: ata2: SATA max UDMA/133 cmd 0x0001ec00 ctl 0x0001e802 bmdma 0x0001e408 irq 169
Sep 5 07:38:01 hal kernel: ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
Sep 5 07:38:01 hal kernel: ata1.00: ATA-8: WDC WD1000FYPS-01ZKB0, 02.01B01, max UDMA/133
Sep 5 07:38:01 hal kernel: ata1.00: 1953525168 sectors, multi 16: LBA48 NCQ (depth 0/32)
Sep 5 07:38:01 hal kernel: ata1.00: configured for UDMA/133
Sep 5 07:38:01 hal kernel: ata2: SATA link down 1.5 Gbps (SStatus 0 SControl 300)
Sep 5 07:38:01 hal kernel: Vendor: ATA Model: WDC WD1000FYPS-0 Rev: 02.0
Sep 5 07:38:01 hal kernel: Type: Direct-Access ANSI SCSI revision: 05
Sep 5 07:38:01 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB)
Sep 5 07:38:01 hal kernel: sda: Write Protect is off
Sep 5 07:38:01 hal kernel: SCSI device sda: drive cache: write back
Sep 5 07:38:01 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB)
Sep 5 07:38:01 hal kernel: sda: Write Protect is off
Sep 5 07:38:01 hal kernel: SCSI device sda: drive cache: write back
Sep 5 07:38:01 hal kernel: sda: sda1
Sep 5 07:38:01 hal kernel: sd 0:0:0:0: Attached scsi disk sda
Sep 5 07:38:01 hal kernel: device-mapper: ioctl: 4.11.0-ioctl (2006-09-14) initialised: dm-devel@redhat.com
Sep 5 07:38:01 hal kernel: SELinux: Disabled at runtime.
Sep 5 07:38:01 hal kernel: audit(1252136231.941:2): selinux=0 auid=4294967295
Sep 5 07:38:01 hal kernel: VIA Networking Velocity Family Gigabit Ethernet Adapter Driver Ver. 1.13
Sep 5 07:38:01 hal kernel: Copyright (c) 2002, 2003 VIA Networking Technologies, Inc.
Sep 5 07:38:01 hal kernel: Copyright (c) 2004 Red Hat Inc.
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:0e.0[A] -> GSI 18 (level, low) -> IRQ 177
Sep 5 07:38:01 hal kernel: eth0: VIA Networking Velocity Family Gigabit Ethernet Adapter
Sep 5 07:38:01 hal kernel: eth0: Ethernet Address: 00:40:63:F2:0B:C3
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKC] enabled at IRQ 22
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:11.5[C] -> Link [ALKC] -> GSI 22 (level, low) -> IRQ 185
Sep 5 07:38:01 hal kernel: viafb: VIA UNICHROME framebuffer 1.0 initializing
Sep 5 07:38:01 hal kernel: viafb: viafb : F8B80000
Sep 5 07:38:01 hal kernel: viafb: framebuffer size = 64 Mb
Sep 5 07:38:01 hal kernel: viafb: request_mem_region for framebuffer failed!
Sep 5 07:38:01 hal kernel: viafb: probe of 0000:01:00.0 failed with error -1
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt Link [ALKB] enabled at IRQ 21
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:10.4[C] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193
Sep 5 07:38:01 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.4, from 10 to 1
Sep 5 07:38:01 hal kernel: ehci_hcd 0000:00:10.4: EHCI Host Controller
Sep 5 07:38:01 hal kernel: ehci_hcd 0000:00:10.4: new USB bus registered, assigned bus number 1
Sep 5 07:38:01 hal kernel: ehci_hcd 0000:00:10.4: irq 193, io mem 0xfdffd000
Sep 5 07:38:01 hal kernel: ehci_hcd 0000:00:10.4: USB 2.0 started, EHCI 1.00, driver 10 Dec 2004
Sep 5 07:38:01 hal kernel: usb usb1: configuration #1 chosen from 1 choice
Sep 5 07:38:01 hal kernel: hub 1-0:1.0: USB hub found
Sep 5 07:38:01 hal kernel: hub 1-0:1.0: 6 ports detected
Sep 5 07:38:01 hal kernel: USB Universal Host Controller Interface driver v3.0
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:10.0[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193
Sep 5 07:38:01 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.0, from 5 to 1
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.0: UHCI Host Controller
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.0: irq 193, io base 0x0000d800
Sep 5 07:38:01 hal kernel: usb usb2: configuration #1 chosen from 1 choice
Sep 5 07:38:01 hal kernel: hub 2-0:1.0: USB hub found
Sep 5 07:38:01 hal kernel: hub 2-0:1.0: 2 ports detected
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:10.1[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193
Sep 5 07:38:01 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.1, from 5 to 1
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.1: UHCI Host Controller
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.1: new USB bus registered, assigned bus number 3
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.1: irq 193, io base 0x0000d400
Sep 5 07:38:01 hal kernel: usb usb3: configuration #1 chosen from 1 choice
Sep 5 07:38:01 hal kernel: hub 3-0:1.0: USB hub found
Sep 5 07:38:01 hal kernel: hub 3-0:1.0: 2 ports detected
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:10.2[B] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193
Sep 5 07:38:01 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.2, from 11 to 1
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.2: UHCI Host Controller
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.2: new USB bus registered, assigned bus number 4
Sep 5 07:38:01 hal kernel: uhci_hcd 0000:00:10.2: irq 193, io base 0x0000d000
Sep 5 07:38:01 hal kernel: usb usb4: configuration #1 chosen from 1 choice
Sep 5 07:38:01 hal kernel: hub 4-0:1.0: USB hub found
Sep 5 07:38:01 hal kernel: hub 4-0:1.0: 2 ports detected
Sep 5 07:38:01 hal kernel: md: Autodetecting RAID arrays.
Sep 5 07:38:01 hal kernel: md: autorun ...
Sep 5 07:38:01 hal kernel: md: ... autorun DONE.
Sep 5 07:38:01 hal kernel: ACPI: Power Button (FF) [PWRF]
Sep 5 07:38:01 hal kernel: ACPI: Power Button (CM) [PWRB]
Sep 5 07:38:01 hal kernel: ACPI: Sleep Button (CM) [SLPB]
Sep 5 07:38:01 hal kernel: ibm_acpi: Unknown symbol backlight_device_unregister
Sep 5 07:38:01 hal kernel: ibm_acpi: Unknown symbol backlight_device_register
Sep 5 07:38:01 hal kernel: kjournald starting. Commit interval 5 seconds
Sep 5 07:38:01 hal kernel: EXT3 FS on sda1, internal journal
Sep 5 07:38:01 hal kernel: EXT3-fs: mounted filesystem with ordered data mode.
Sep 5 07:38:01 hal kernel: Adding 1966072k swap on /dev/VolGroup00/LogVol01. Priority:-1 extents:1 across:1966072k
Sep 5 07:38:01 hal kernel: ACPI: PCI Interrupt 0000:00:0d.0[A] -> GSI 17 (level, low) -> IRQ 201
Sep 5 07:38:01 hal kernel: firewire_ohci: Added fw-ohci device 0000:00:0d.0, OHCI version 1.10
Sep 5 07:38:01 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Sep 5 07:38:01 hal kernel: firewire_core: created new fw device fw0 (0 config rom retries)
Sep 5 07:38:01 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Sep 5 07:38:01 hal kernel: Velocity is AUTO mode
Sep 5 07:38:01 hal kernel: eth0: Link autonegation speed 100M bps full duplex
Sep 5 07:38:01 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Sep 5 07:38:01 hal kernel: Netfilter messages via NETLINK v0.30.
Sep 5 07:38:01 hal kernel: ip_conntrack version 2.4 (7679 buckets, 61432 max) - 228 bytes per conntrack
Sep 5 07:38:02 hal kernel: CSLIP: code copyright 1989 Regents of the University of California
Sep 5 07:38:02 hal kernel: PPP generic driver version 2.4.2
Sep 5 07:38:02 hal kernel: PPP MPPE Compression module registered
Sep 5 07:38:02 hal kernel: ip_conntrack_pptp version 3.1 loaded
Sep 5 07:38:02 hal firewall: succeeded
Sep 5 07:38:03 hal netfs: Mounting other filesystems: succeeded
Sep 5 07:37:33 hal rc.sysinit: -e
Sep 5 07:37:33 hal rc.sysinit: -e
Sep 5 07:37:33 hal sysctl: net.ipv4.ip_forward = 0
Sep 5 07:37:33 hal sysctl: net.ipv4.conf.default.rp_filter = 1
Sep 5 07:37:33 hal sysctl: net.ipv4.conf.default.accept_source_route = 0
Sep 5 07:37:33 hal sysctl: kernel.sysrq = 0
Sep 5 07:37:33 hal sysctl: kernel.core_uses_pid = 1
Sep 5 07:37:33 hal rc.sysinit: Configuring kernel parameters: succeeded
Sep 5 07:37:33 hal date: Sat Sep 5 07:37:33 CEST 2009
Sep 5 07:37:33 hal rc.sysinit: Setting clock (localtime): Sat Sep 5 07:37:33 CEST 2009 succeeded
Sep 5 07:37:33 hal rc.sysinit: Loading default keymap succeeded
Sep 5 07:37:33 hal rc.sysinit: Setting hostname hal.home.lan: succeeded
Sep 5 07:37:33 hal fsck: /dev/VolGroup00/LogVol00: clean, 85940/712704 files, 1270996/5701632 blocks
Sep 5 07:37:33 hal rc.sysinit: Checking root filesystem succeeded
Sep 5 07:37:33 hal rc.sysinit: Remounting root filesystem in read-write mode: succeeded
Sep 5 07:37:35 hal lvm.static: 2 logical volume(s) in volume group VolGroup00 now active
Sep 5 07:37:35 hal rc.sysinit: Setting up Logical Volume Management: succeeded
Sep 5 07:37:35 hal fsck: /boot: clean, 34/13104 files, 5828/104388 blocks
Sep 5 07:37:35 hal fsck: /dev/sda1: clean, 24364/122109952 files, 131191670/244190000 blocks
Sep 5 07:37:35 hal rc.sysinit: Checking filesystems succeeded
Sep 5 07:37:36 hal rc.sysinit: Mounting local filesystems: succeeded
Sep 5 07:37:36 hal rc.sysinit: Enabling local filesystem quotas: succeeded
Sep 5 07:37:36 hal rc.sysinit: Enabling swap space: succeeded
Sep 5 07:37:36 hal init: Entering runlevel: 3
Sep 5 07:37:37 hal vgchange: 2 logical volume(s) in volume group "VolGroup00" monitored
Sep 5 07:37:37 hal lvm2-monitor: Starting monitoring for VG VolGroup00: succeeded
Sep 5 07:37:55 hal kudzu: succeeded
Sep 5 07:37:55 hal sysctl: net.ipv4.ip_forward = 0
Sep 5 07:37:55 hal sysctl: net.ipv4.conf.default.rp_filter = 1
Sep 5 07:37:55 hal sysctl: net.ipv4.conf.default.accept_source_route = 0
Sep 5 07:37:55 hal sysctl: kernel.sysrq = 0
Sep 5 07:37:55 hal sysctl: kernel.core_uses_pid = 1
Sep 5 07:37:55 hal network: Setting network parameters: succeeded
Sep 5 07:37:56 hal network: Bringing up loopback interface: succeeded
Sep 5 07:38:00 hal network: Bringing up interface eth0: succeeded
Sep 5 07:38:03 hal ldap: succeeded
Sep 5 07:38:03 hal ldap: slapd startup succeeded
Sep 5 07:38:03 hal ldap: slurpd startup succeeded
Sep 5 07:38:04 hal acpid: acpid startup succeeded
Sep 5 07:38:04 hal kernel: NET: Registered protocol family 10
Sep 5 07:38:04 hal kernel: lo: Disabled Privacy Extensions
Sep 5 07:38:04 hal kernel: IPv6 over IPv4 tunneling driver
Sep 5 07:38:04 hal sshd: succeeded
Sep 5 07:38:05 hal webconfig: webconfig startup succeeded
Sep 5 07:38:07 hal mysqld: Starting MySQL: succeeded
Sep 5 07:38:12 hal runuser: [09-09-05 07:38:12.0817] main::init (320) Starting Squeezebox Server (v7.4, r28420, Thu Sep 3 04:02:25 PDT 2009) perl 5.008008
Sep 5 07:38:12 hal squeezeboxserver: squeezeboxserver startup succeeded
Sep 5 07:38:12 hal gpm[2251]: *** info [startup.c(95)]:
Sep 5 07:38:12 hal gpm[2251]: Started gpm successfully. Entered daemon mode.
Sep 5 07:38:13 hal gpm: gpm startup succeeded
Sep 5 07:38:13 hal crond: crond startup succeeded
Sep 5 07:38:14 hal smb: smbd startup succeeded
Sep 5 07:38:14 hal smb: nmbd startup succeeded
Sep 5 07:38:15 hal saslauthd[2337]: detach_tty : master pid is: 2337
Sep 5 07:38:15 hal saslauthd[2337]: ipc_init : listening on socket: /var/run/saslauthd/mux
Sep 5 07:38:15 hal saslauthd: saslauthd startup succeeded
Sep 5 07:38:15 hal kolabd: Starting kolabd:
Sep 5 07:38:15 hal kolabd: succeeded
Sep 5 07:38:15 hal kolabd:
Sep 5 07:38:15 hal kolabd:
Sep 5 07:38:15 hal rc: Starting kolabd: succeeded
Sep 5 07:38:22 hal kolabd[2349]: Kolab is starting up
Sep 5 07:38:28 hal snortsam: snortsam startup succeeded
Sep 5 07:38:32 hal kernel: eth0: Promiscuous mode enabled.
Sep 5 07:38:32 hal kernel: device eth0 entered promiscuous mode
Sep 5 07:38:32 hal kernel: audit(1252129112.156:3): dev=eth0 prom=256 old_prom=0 auid=4294967295
Sep 5 07:38:32 hal snort[2482]: Initializing daemon mode
Sep 5 07:38:32 hal snort: snort startup succeeded
Sep 5 07:38:32 hal snort[2483]: PID path stat checked out ok, PID path set to /var/run/
Sep 5 07:38:32 hal snort[2483]: Writing PID "2483" to file "/var/run//snort_eth0.pid"
Sep 5 07:38:32 hal suvad: Starting suvad:
Sep 5 07:38:32 hal snort[2483]: Parsing Rules file /etc/snort.conf
Sep 5 07:38:32 hal snort[2483]: ,-----------[Flow Config]----------------------
Sep 5 07:38:32 hal snort[2483]: | Stats Interval: 0
Sep 5 07:38:32 hal snort[2483]: | Hash Method: 2
Sep 5 07:38:32 hal snort[2483]: | Memcap: 10485760
Sep 5 07:38:32 hal snort[2483]: | Rows : 4099
Sep 5 07:38:32 hal snort[2483]: | Overhead Bytes: 16400(%0.16)
Sep 5 07:38:32 hal snort[2483]: `----------------------------------------------
Sep 5 07:38:32 hal snort[2483]: Frag3 global config:
Sep 5 07:38:32 hal snort[2483]: Max frags: 65536
Sep 5 07:38:32 hal snort[2483]: Fragment memory cap: 4194304 bytes
Sep 5 07:38:32 hal snort[2483]: Frag3 engine config:
Sep 5 07:38:32 hal snort[2483]: Target-based policy: FIRST
Sep 5 07:38:32 hal snort[2483]: Fragment timeout: 60 seconds
Sep 5 07:38:32 hal snort[2483]: Fragment min_ttl: 1
Sep 5 07:38:32 hal snort[2483]: Fragment ttl_limit: 5
Sep 5 07:38:32 hal snort[2483]: Fragment Problems: 1
Sep 5 07:38:32 hal snort[2483]: Bound Addresses: 0.0.0.0/0.0.0.0
Sep 5 07:38:32 hal snort[2483]: Stream4 config:
Sep 5 07:38:32 hal snort[2483]: Stateful inspection: ACTIVE
Sep 5 07:38:32 hal snort[2483]: Session statistics: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Session timeout: 30 seconds
Sep 5 07:38:32 hal snort[2483]: Session memory cap: 8388608 bytes
Sep 5 07:38:32 hal snort[2483]: Session count max: 8192 sessions
Sep 5 07:38:32 hal snort[2483]: Session cleanup count: 5
Sep 5 07:38:32 hal snort[2483]: State alerts: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Evasion alerts: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Scan alerts: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Log Flushed Streams: INACTIVE
Sep 5 07:38:32 hal snort[2483]: MinTTL: 1
Sep 5 07:38:32 hal snort[2483]: TTL Limit: 5
Sep 5 07:38:32 hal snort[2483]: Async Link: 0
Sep 5 07:38:32 hal snort[2483]: State Protection: 0
Sep 5 07:38:32 hal snort[2483]: Self preservation threshold: 50
Sep 5 07:38:32 hal snort[2483]: Self preservation period: 90
Sep 5 07:38:32 hal snort[2483]: Suspend threshold: 200
Sep 5 07:38:32 hal snort[2483]: Suspend period: 30
Sep 5 07:38:32 hal snort[2483]: Enforce TCP State: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Midstream Drop Alerts: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Server Data Inspection Limit: -1
Sep 5 07:38:32 hal snort[2483]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Sep 5 07:38:32 hal snort[2483]: Stream4_reassemble config:
Sep 5 07:38:32 hal snort[2483]: Server reassembly: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Client reassembly: ACTIVE
Sep 5 07:38:32 hal snort[2483]: Reassembler alerts: ACTIVE
Sep 5 07:38:32 hal snort[2483]: Zero out flushed packets: INACTIVE
Sep 5 07:38:32 hal snort[2483]: Flush stream on alert: INACTIVE
Sep 5 07:38:32 hal snort[2483]: flush_data_diff_size: 500
Sep 5 07:38:32 hal snort[2483]: Reassembler Packet Preferance : Favor Old
Sep 5 07:38:32 hal snort[2483]: Packet Sequence Overlap Limit: -1
Sep 5 07:38:32 hal snort[2483]: Flush behavior: Small (<255 bytes)
Sep 5 07:38:32 hal snort[2483]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Sep 5 07:38:32 hal snort[2483]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Sep 5 07:38:32 hal snort[2483]: rpc_decode arguments:
Sep 5 07:38:32 hal snort[2483]: Ports to decode RPC on: 111 32771
Sep 5 07:38:32 hal snort[2483]: alert_fragments: INACTIVE
Sep 5 07:38:32 hal snort[2483]: alert_large_fragments: ACTIVE
Sep 5 07:38:32 hal snort[2483]: alert_incomplete: ACTIVE
Sep 5 07:38:32 hal snort[2483]: alert_multiple_requests: ACTIVE
Sep 5 07:38:32 hal snort[2483]: telnet_decode arguments:
Sep 5 07:38:32 hal snort[2483]: Ports to decode telnet on: 21 23 25 119
Sep 5 07:38:32 hal snort[2483]: Portscan Detection Config:
Sep 5 07:38:32 hal snort[2483]: Detect Protocols: TCP UDP ICMP IP
Sep 5 07:38:32 hal snort[2483]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Sep 5 07:38:32 hal snort[2483]: Sensitivity Level: Low
Sep 5 07:38:32 hal snort[2483]: Memcap (in bytes): 10000000
Sep 5 07:38:32 hal snort[2483]: Number of Nodes: 36900
Sep 5 07:38:32 hal snort[2483]:
Sep 5 07:38:32 hal snort[2483]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Sep 5 07:38:33 hal su(pam_unix)[2494]: session opened for user suva by (uid=0)
Sep 5 07:38:35 hal su(pam_unix)[2494]: session closed for user suva
Sep 5 07:38:35 hal suvad: succeeded
Sep 5 07:38:35 hal suvad:
Sep 5 07:38:35 hal suvad:
Sep 5 07:38:35 hal rc: Starting suvad: succeeded
Sep 5 07:38:38 hal syswatch: syswatch startup succeeded
Sep 5 07:38:39 hal snort[2483]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Sep 5 07:38:39 hal snort[2483]: Sep 5 07:38:39 hal snort[2483]: +-----------------------[thresholding-config]---------------------------------- Sep 5 07:38:39 hal snort[2483]: | memory-cap : 1048576 bytes Sep 5 07:38:39 hal snort[2483]: +-----------------------[thresholding-global]---------------------------------- Sep 5 07:38:39 hal snort[2483]: | none Sep 5 07:38:39 hal snort[2483]: +-----------------------[thresholding-local]----------------------------------- Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 
seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60 Sep 5 07:38:39 hal snort[2483]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60 Sep 5 07:38:39 hal snort[2483]: +-----------------------[suppression]------------------------------------------ Sep 5 07:38:39 hal snort[2483]: | none Sep 5 07:38:39 hal snort[2483]: ------------------------------------------------------------------------------- Sep 5 07:38:39 hal snort[2483]: Rule application order: ->activation->dynamic->drop->alert->pass->log Sep 5 07:38:39 hal snort[2483]: Log directory = /var/log/snort Sep 5 07:38:40 hal snort[2483]: Snort initialization completed successfully (pid=2483) Sep 5 07:38:47 hal ldap: slapd shutdown succeeded Sep 5 07:38:47 hal ldap: slurpd shutdown succeeded Sep 5 07:38:47 hal ldap: succeeded Sep 5 07:38:47 hal ldap: slapd startup succeeded Sep 5 07:38:47 hal ldap: slurpd startup succeeded Sep 5 07:38:47 hal smb: smbd shutdown succeeded Sep 5 07:38:48 hal smb: nmbd shutdown succeeded Sep 5 07:38:48 hal smb: smbd startup succeeded Sep 5 07:38:48 hal smb: nmbd startup succeeded Sep 5 07:38:49 hal firewall: succeeded Sep 5 07:38:50 hal snortsam: snortsam shutdown succeeded Sep 5 07:38:50 hal snortsam: snortsam startup succeeded Sep 5 07:38:39 hal ntpdate[3119]: step time server 195.13.23.5 offset -12.204767 sec Sep 5 07:47:56 hal snort[2483]: INFO => [Alert_FWsam] Had to use initial key! 
Sep 5 07:47:56 hal snort[2483]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1. Sep 5 17:59:56 hal kernel: eth0: failed to detect cable link Sep 5 18:00:15 hal kernel: eth0: Link autonegation speed 100M bps full duplex Sep 5 18:01:55 hal shutdown: shutting down for system halt Sep 5 18:01:55 hal init: Switching to runlevel: 0 Sep 5 18:01:57 hal suvad: Stopping suvad: Sep 5 18:01:58 hal suvad: succeeded Sep 5 18:01:58 hal suvad:  Sep 5 18:01:58 hal suvad: Sep 5 18:01:58 hal rc: Stopping suvad: succeeded Sep 5 18:01:58 hal syswatch: syswatch shutdown succeeded Sep 5 18:01:58 hal saslauthd[2337]: server_exit : master exited: 2337 Sep 5 18:01:58 hal saslauthd: saslauthd shutdown succeeded Sep 5 18:01:58 hal gpm: gpm shutdown succeeded Sep 5 18:01:58 hal sshd: sshd shutdown succeeded Sep 5 18:01:58 hal squeezeboxserver: squeezeboxserver shutdown failed Sep 5 18:02:00 hal smb: smbd shutdown succeeded Sep 5 18:02:00 hal smb: nmbd shutdown succeeded Sep 5 18:02:04 hal mysqld: Stopping MySQL: succeeded Sep 5 18:02:04 hal webconfig: webconfig shutdown succeeded Sep 5 18:02:04 hal acpid: acpid shutdown succeeded Sep 5 18:02:04 hal crond: crond shutdown succeeded Sep 5 18:02:05 hal ldap: slapd shutdown succeeded Sep 5 18:02:05 hal ldap: slurpd shutdown succeeded Sep 5 18:02:06 hal kolabd[2349]: Kolab is shutting down Sep 5 18:02:06 hal kolabd: kolabd shutdown succeeded Sep 5 18:02:06 hal kernel: Kernel logging (proc) stopped. Sep 5 18:02:06 hal kernel: Kernel log daemon terminating. Sep 5 18:02:07 hal syslog: klogd shutdown succeeded Sep 5 18:02:07 hal exiting on signal 15 Sep 5 18:03:58 hal syslogd 1.4.1: restart. Sep 5 18:03:58 hal syslog: syslogd startup succeeded Sep 5 18:03:58 hal kernel: klogd 1.4.1, log source = /proc/kmsg started. Sep 5 18:03:58 hal syslog: klogd startup succeeded Sep 5 18:03:58 hal kernel: Inspecting /boot/System.map-2.6.18-53.1.13.2.cc Sep 5 18:03:59 hal kernel: Loaded 31104 symbols from /boot/System.map-2.6.18-53.1.13.2.cc. 
Sep 5 18:03:59 hal kernel: Symbols match kernel version 2.6.18. Sep 5 18:03:59 hal kernel: No module symbols loaded - kernel modules not enabled. Sep 5 18:03:59 hal kernel: Linux version 2.6.18-53.1.13.2.cc (darryl@cc4devel.lan) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-8)) #1 SMP Wed Feb 27 18:26:42 EST 2008 Sep 5 18:03:59 hal kernel: BIOS-provided physical RAM map: Sep 5 18:03:59 hal kernel: BIOS-e820: 0000000000000000 - 000000000009f800 (usable) Sep 5 18:03:59 hal kernel: BIOS-e820: 000000000009f800 - 00000000000a0000 (reserved) Sep 5 18:03:59 hal kernel: BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved) Sep 5 18:03:59 hal kernel: BIOS-e820: 0000000000100000 - 000000003bff0000 (usable) Sep 5 18:03:59 hal kernel: BIOS-e820: 000000003bff0000 - 000000003bff3000 (ACPI NVS) Sep 5 18:03:59 hal kernel: BIOS-e820: 000000003bff3000 - 000000003c000000 (ACPI data) Sep 5 18:03:59 hal kernel: BIOS-e820: 00000000fec00000 - 00000000fec01000 (reserved) Sep 5 18:03:59 hal kernel: BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved) Sep 5 18:03:59 hal kernel: BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved) Sep 5 18:03:59 hal kernel: 63MB HIGHMEM available. Sep 5 18:03:59 hal kernel: 896MB LOWMEM available. Sep 5 18:03:59 hal kernel: found SMP MP-table at 000f3800 Sep 5 18:03:59 hal kernel: Memory for crash kernel (0x0 to 0x0) notwithin permissible range Sep 5 18:03:59 hal kernel: disabling kdump Sep 5 18:03:59 hal kernel: Using x86 segment limits to approximate NX protection Sep 5 18:03:59 hal kernel: DMI 2.3 present. 
Sep 5 18:03:59 hal kernel: Using APIC driver default Sep 5 18:03:59 hal kernel: ACPI: acpi=force override Sep 5 18:03:59 hal kernel: ACPI: PM-Timer IO Port: 0x408 Sep 5 18:03:59 hal kernel: ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled) Sep 5 18:03:59 hal kernel: Processor #0 6:10 APIC version 20 Sep 5 18:03:59 hal kernel: ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1]) Sep 5 18:03:59 hal kernel: ACPI: IOAPIC (id[0x02] address[0xfec00000] gsi_base[0]) Sep 5 18:03:59 hal kernel: IOAPIC[0]: apic_id 2, version 3, address 0xfec00000, GSI 0-23 Sep 5 18:03:59 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) Sep 5 18:03:59 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level) Sep 5 18:03:59 hal kernel: Enabling APIC mode: Flat. Using 1 I/O APICs Sep 5 18:03:59 hal kernel: Using ACPI (MADT) for SMP configuration information Sep 5 18:03:59 hal kernel: Allocating PCI resources starting at 40000000 (gap: 3c000000:c2c00000) Sep 5 18:03:59 hal kernel: Detected 1197.125 MHz processor. Sep 5 18:03:59 hal kernel: Built 1 zonelists. Total pages: 245744 Sep 5 18:03:59 hal kernel: Kernel command line: ro root=/dev/VolGroup00/LogVol00 video=vga16fb vga=771 acpi=force Sep 5 18:03:59 hal kernel: Enabling fast FPU save and restore... done. Sep 5 18:03:59 hal kernel: Enabling unmasked SIMD FPU exception support... done. 
Sep 5 18:03:59 hal kernel: Initializing CPU#0 Sep 5 18:03:59 hal kernel: CPU 0 irqstacks, hard=c0765000 soft=c0745000 Sep 5 18:03:59 hal kernel: PID hash table entries: 4096 (order: 12, 16384 bytes) Sep 5 18:03:59 hal kernel: Console: colour dummy device 80x25 Sep 5 18:03:59 hal kernel: Dentry cache hash table entries: 131072 (order: 7, 524288 bytes) Sep 5 18:03:59 hal kernel: Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) Sep 5 18:03:59 hal kernel: Memory: 968908k/982976k available (2163k kernel code, 13460k reserved, 915k data, 228k init, 65472k highmem) Sep 5 18:03:59 hal kernel: Checking if this processor honours the WP bit even in supervisor mode... Ok. Sep 5 18:03:59 hal kernel: Calibrating delay using timer specific routine.. 2395.97 BogoMIPS (lpj=1197987) Sep 5 18:03:59 hal kernel: Security Framework v1.0.0 initialized Sep 5 18:03:59 hal kernel: SELinux: Initializing. Sep 5 18:03:59 hal kernel: selinux_register_security: Registering secondary module capability Sep 5 18:03:59 hal kernel: Capability LSM initialized as secondary Sep 5 18:03:59 hal kernel: Mount-cache hash table entries: 512 Sep 5 18:03:59 hal kernel: CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line) Sep 5 18:03:59 hal kernel: CPU: L2 Cache: 128K (64 bytes/line) Sep 5 18:03:59 hal kernel: Checking 'hlt' instruction... OK. Sep 5 18:03:59 hal kernel: SMP alternatives: switching to UP code Sep 5 18:03:59 hal kernel: Freeing SMP alternatives: 14k freed Sep 5 18:03:59 hal kernel: ACPI: Core revision 20060707 Sep 5 18:03:59 hal kernel: CPU0: Centaur VIA Esther processor 1200MHz stepping 09 Sep 5 18:03:59 hal kernel: Total of 1 processors activated (2395.97 BogoMIPS). Sep 5 18:03:59 hal kernel: ENABLING IO-APIC IRQs Sep 5 18:03:59 hal kernel: ..TIMER: vector=0x31 apic1=0 pin1=2 apic2=-1 pin2=-1 Sep 5 18:03:59 hal kernel: Brought up 1 CPUs Sep 5 18:03:59 hal kernel: checking if image is initramfs... 
it is Sep 5 18:03:59 hal kernel: Freeing initrd memory: 913k freed Sep 5 18:03:59 hal kernel: NET: Registered protocol family 16 Sep 5 18:03:59 hal kernel: ACPI: bus type pci registered Sep 5 18:03:59 hal kernel: PCI: PCI BIOS revision 2.10 entry at 0xf93b0, last bus=1 Sep 5 18:03:59 hal kernel: PCI: Using configuration type 1 Sep 5 18:03:59 hal kernel: Setting up standard PCI resources Sep 5 18:03:59 hal kernel: ACPI: Interpreter enabled Sep 5 18:03:59 hal kernel: ACPI: Using IOAPIC for interrupt routing Sep 5 18:03:59 hal kernel: ACPI: PCI Root Bridge [PCI0] (0000:00) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKA] (IRQs 3 4 6 7 10 11 12) *5 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKB] (IRQs 3 4 6 7 10 *11 12) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKC] (IRQs 3 4 6 7 *10 11 12) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKD] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKE] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNKF] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNK0] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [LNK1] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKA] (IRQs *20) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKB] (IRQs *21) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKC] (IRQs *22) Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKD] (IRQs *23), disabled. 
Sep 5 18:03:59 hal kernel: Linux Plug and Play Support v0.97 (c) Adam Belay Sep 5 18:03:59 hal kernel: pnp: PnP ACPI init Sep 5 18:03:59 hal kernel: pnp: PnP ACPI: found 10 devices Sep 5 18:03:59 hal kernel: usbcore: registered new driver usbfs Sep 5 18:03:59 hal kernel: usbcore: registered new driver hub Sep 5 18:03:59 hal kernel: PCI: Using ACPI for IRQ routing Sep 5 18:03:59 hal kernel: PCI: If a device doesn't work, try "pci=routeirq". If it helps, post a report Sep 5 18:03:59 hal kernel: NetLabel: Initializing Sep 5 18:03:59 hal kernel: NetLabel: domain hash size = 128 Sep 5 18:03:59 hal kernel: NetLabel: protocols = UNLABELED CIPSOv4 Sep 5 18:03:59 hal kernel: NetLabel: unlabeled traffic allowed by default Sep 5 18:03:59 hal kernel: pnp: 00:02: ioport range 0x400-0x47f could not be reserved Sep 5 18:03:59 hal kernel: pnp: 00:02: ioport range 0x500-0x50f has been reserved Sep 5 18:03:59 hal kernel: PCI: Bridge: 0000:00:01.0 Sep 5 18:03:59 hal kernel: IO window: b000-bfff Sep 5 18:03:59 hal kernel: MEM window: fb000000-fcffffff Sep 5 18:03:59 hal kernel: PREFETCH window: f4000000-f7ffffff Sep 5 18:03:59 hal kernel: NET: Registered protocol family 2 Sep 5 18:03:59 hal kernel: IP route cache hash table entries: 32768 (order: 5, 131072 bytes) Sep 5 18:03:59 hal kernel: TCP established hash table entries: 131072 (order: 8, 1048576 bytes) Sep 5 18:03:59 hal kernel: TCP bind hash table entries: 65536 (order: 7, 524288 bytes) Sep 5 18:03:59 hal kernel: TCP: Hash tables configured (established 131072 bind 65536) Sep 5 18:03:59 hal kernel: TCP reno registered Sep 5 18:03:59 hal kernel: apm: BIOS version 1.2 Flags 0x07 (Driver version 1.16ac) Sep 5 18:03:59 hal kernel: apm: overridden by ACPI. 
Sep 5 18:03:59 hal kernel: audit: initializing netlink socket (disabled) Sep 5 18:03:59 hal kernel: audit(1252173782.844:1): initialized Sep 5 18:03:59 hal kernel: highmem bounce pool size: 64 pages Sep 5 18:03:59 hal kernel: Total HugeTLB memory allocated, 0 Sep 5 18:03:59 hal kernel: VFS: Disk quotas dquot_6.5.1 Sep 5 18:03:59 hal kernel: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes) Sep 5 18:03:59 hal kernel: Initializing Cryptographic API Sep 5 18:03:59 hal kernel: ksign: Installing public key data Sep 5 18:03:59 hal kernel: Loading keyring Sep 5 18:03:59 hal kernel: io scheduler noop registered Sep 5 18:03:59 hal kernel: io scheduler anticipatory registered Sep 5 18:03:59 hal kernel: io scheduler deadline registered Sep 5 18:03:59 hal kernel: io scheduler cfq registered (default) Sep 5 18:03:59 hal kernel: PCI: Bypassing VIA 8237 APIC De-Assert Message Sep 5 18:03:59 hal kernel: pci_hotplug: PCI Hot Plug PCI Core version: 0.5 Sep 5 18:03:59 hal kernel: vesafb: framebuffer at 0xf4000000, mapped to 0xf8880000, using 937k, total 65536k Sep 5 18:03:59 hal kernel: vesafb: mode is 800x600x8, linelength=800, pages=127 Sep 5 18:03:59 hal kernel: vesafb: protected mode interface info at c000:aa5e Sep 5 18:03:59 hal kernel: vesafb: pmi: set display start = c00caaac, set palette = c00cab1d Sep 5 18:03:59 hal kernel: vesafb: scrolling: redraw Sep 5 18:03:59 hal kernel: vesafb: Pseudocolor: size=8:8:8:8, shift=0:0:0:0 Sep 5 18:03:59 hal kernel: Console: switching to colour frame buffer device 100x37 Sep 5 18:03:59 hal kernel: fb0: VESA VGA frame buffer device Sep 5 18:03:59 hal kernel: ACPI: Fan [FAN] (on) Sep 5 18:03:59 hal kernel: ACPI: CPU0 (power states: C1[C1] C2[C2] C3[C3]) Sep 5 18:03:59 hal kernel: ACPI: Processor [CPU0] (supports 2 throttling states) Sep 5 18:03:59 hal kernel: ACPI: Thermal Zone [THRM] (39 C) Sep 5 18:03:59 hal kernel: isapnp: Scanning for PnP cards... 
Sep 5 18:03:59 hal kernel: isapnp: No Plug & Play device found Sep 5 18:03:59 hal kernel: Real Time Clock Driver v1.12ac Sep 5 18:03:59 hal kernel: Non-volatile memory driver v1.2 Sep 5 18:03:59 hal kernel: Linux agpgart interface v0.101 (c) Dave Jones Sep 5 18:03:59 hal kernel: agpgart: Detected VIA P4M800CE chipset Sep 5 18:03:59 hal kernel: agpgart: AGP aperture is 128M @ 0xe8000000 Sep 5 18:03:59 hal kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing enabled Sep 5 18:03:59 hal kernel: serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A Sep 5 18:03:59 hal kernel: serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A Sep 5 18:03:59 hal kernel: 00:08: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A Sep 5 18:03:59 hal kernel: 00:09: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A Sep 5 18:03:59 hal kernel: Floppy drive(s): fd0 is unknown type 15 (usb?), fd1 is unknown type 15 (usb?) Sep 5 18:03:59 hal kernel: floppy0: no floppy controllers found Sep 5 18:03:59 hal kernel: RAMDISK driver initialized: 16 RAM disks of 16384K size 4096 blocksize Sep 5 18:03:59 hal kernel: Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2 Sep 5 18:03:59 hal kernel: ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx Sep 5 18:03:59 hal kernel: VP_IDE: IDE controller at PCI slot 0000:00:0f.1 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKA] enabled at IRQ 20 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:0f.1[A] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169 Sep 5 18:03:59 hal kernel: PCI: VIA IRQ fixup for 0000:00:0f.1, from 255 to 9 Sep 5 18:03:59 hal kernel: VP_IDE: chipset revision 6 Sep 5 18:03:59 hal kernel: VP_IDE: not 100% native mode: will probe irqs later Sep 5 18:03:59 hal kernel: VP_IDE: VIA vt8237 (rev 00) IDE UDMA133 controller on pci0000:00:0f.1 Sep 5 18:03:59 hal kernel: ide0: BM-DMA at 0xdc00-0xdc07, BIOS settings: hda:DMA, hdb:DMA Sep 5 18:03:59 hal kernel: ide1: BM-DMA at 0xdc08-0xdc0f, BIOS settings: hdc:pio, 
hdd:pio Sep 5 18:03:59 hal kernel: hda: MC8GE08G5MPP, ATA DISK drive Sep 5 18:03:59 hal kernel: hdb: TSSTcorpDVD-ROM SH-D162D, ATAPI CD/DVD-ROM drive Sep 5 18:03:59 hal kernel: ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 Sep 5 18:03:59 hal kernel: hda: max request size: 128KiB Sep 5 18:03:59 hal kernel: hda: 15649200 sectors (8012 MB), CHS=15525/16/63, UDMA(66) Sep 5 18:03:59 hal kernel: hda: cache flushes supported Sep 5 18:03:59 hal kernel: hda: hda1 hda2 Sep 5 18:03:59 hal kernel: ide-floppy driver 0.99.newide Sep 5 18:03:59 hal kernel: usbcore: registered new driver hiddev Sep 5 18:03:59 hal kernel: usbcore: registered new driver usbhid Sep 5 18:03:59 hal kernel: drivers/usb/input/hid-core.c: v2.6:USB HID core driver Sep 5 18:03:59 hal kernel: PNP: No PS/2 controller found. Probing ports directly. Sep 5 18:03:59 hal kernel: serio: i8042 KBD port at 0x60,0x64 irq 1 Sep 5 18:03:59 hal kernel: mice: PS/2 mouse device common for all mice Sep 5 18:03:59 hal kernel: md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27 Sep 5 18:03:59 hal kernel: md: bitmap version 4.39 Sep 5 18:03:59 hal kernel: TCP bic registered Sep 5 18:03:59 hal kernel: Initializing IPsec netlink socket Sep 5 18:03:59 hal kernel: NET: Registered protocol family 1 Sep 5 18:03:59 hal kernel: NET: Registered protocol family 17 Sep 5 18:03:59 hal kernel: Using IPI No-Shortcut mode Sep 5 18:03:59 hal kernel: ACPI: (supports S0 S3 S4 S5) Sep 5 18:03:59 hal kernel: Time: tsc clocksource has been installed. Sep 5 18:03:59 hal kernel: Freeing unused kernel memory: 228k freed Sep 5 18:03:59 hal kernel: Time: acpi_pm clocksource has been installed. 
Sep 5 18:03:59 hal kernel: Write protecting the kernel read-only data: 386k Sep 5 18:03:59 hal kernel: SCSI subsystem initialized Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:0f.0[B] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169 Sep 5 18:03:59 hal kernel: sata_via 0000:00:0f.0: routed to hard irq line 11 Sep 5 18:03:59 hal kernel: scsi0 : sata_via Sep 5 18:03:59 hal kernel: scsi1 : sata_via Sep 5 18:03:59 hal kernel: ata1: SATA max UDMA/133 cmd 0x0001f400 ctl 0x0001f002 bmdma 0x0001e400 irq 169 Sep 5 18:03:59 hal kernel: ata2: SATA max UDMA/133 cmd 0x0001ec00 ctl 0x0001e802 bmdma 0x0001e408 irq 169 Sep 5 18:03:59 hal kernel: ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Sep 5 18:03:59 hal kernel: ata1.00: ATA-8: WDC WD1000FYPS-01ZKB0, 02.01B01, max UDMA/133 Sep 5 18:03:59 hal kernel: ata1.00: 1953525168 sectors, multi 16: LBA48 NCQ (depth 0/32) Sep 5 18:03:59 hal kernel: ata1.00: configured for UDMA/133 Sep 5 18:03:59 hal kernel: ata2: SATA link down 1.5 Gbps (SStatus 0 SControl 300) Sep 5 18:03:59 hal kernel: Vendor: ATA Model: WDC WD1000FYPS-0 Rev: 02.0 Sep 5 18:03:59 hal kernel: Type: Direct-Access ANSI SCSI revision: 05 Sep 5 18:03:59 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB) Sep 5 18:03:59 hal kernel: sda: Write Protect is off Sep 5 18:03:59 hal kernel: SCSI device sda: drive cache: write back Sep 5 18:03:59 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB) Sep 5 18:03:59 hal kernel: sda: Write Protect is off Sep 5 18:03:59 hal kernel: SCSI device sda: drive cache: write back Sep 5 18:03:59 hal kernel: sda: sda1 Sep 5 18:03:59 hal kernel: sd 0:0:0:0: Attached scsi disk sda Sep 5 18:03:59 hal kernel: device-mapper: ioctl: 4.11.0-ioctl (2006-09-14) initialised: dm-devel@redhat.com Sep 5 18:03:59 hal kernel: SELinux: Disabled at runtime. 
Sep 5 18:03:59 hal kernel: audit(1252173789.939:2): selinux=0 auid=4294967295 Sep 5 18:03:59 hal kernel: VIA Networking Velocity Family Gigabit Ethernet Adapter Driver Ver. 1.13 Sep 5 18:03:59 hal kernel: Copyright (c) 2002, 2003 VIA Networking Technologies, Inc. Sep 5 18:03:59 hal kernel: Copyright (c) 2004 Red Hat Inc. Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:0e.0[A] -> GSI 18 (level, low) -> IRQ 177 Sep 5 18:03:59 hal kernel: eth0: VIA Networking Velocity Family Gigabit Ethernet Adapter Sep 5 18:03:59 hal kernel: eth0: Ethernet Address: 00:40:63:F2:0B:C3 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKC] enabled at IRQ 22 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:11.5[C] -> Link [ALKC] -> GSI 22 (level, low) -> IRQ 185 Sep 5 18:03:59 hal kernel: viafb: VIA UNICHROME framebuffer 1.0 initializing Sep 5 18:03:59 hal kernel: viafb: viafb : F8B80000 Sep 5 18:03:59 hal kernel: viafb: framebuffer size = 64 Mb Sep 5 18:03:59 hal kernel: viafb: request_mem_region for framebuffer failed! 
Sep 5 18:03:59 hal kernel: viafb: probe of 0000:01:00.0 failed with error -1 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt Link [ALKB] enabled at IRQ 21 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:10.4[C] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 5 18:03:59 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.4, from 10 to 1 Sep 5 18:03:59 hal kernel: ehci_hcd 0000:00:10.4: EHCI Host Controller Sep 5 18:03:59 hal kernel: ehci_hcd 0000:00:10.4: new USB bus registered, assigned bus number 1 Sep 5 18:03:59 hal kernel: ehci_hcd 0000:00:10.4: irq 193, io mem 0xfdffd000 Sep 5 18:03:59 hal kernel: ehci_hcd 0000:00:10.4: USB 2.0 started, EHCI 1.00, driver 10 Dec 2004 Sep 5 18:03:59 hal kernel: usb usb1: configuration #1 chosen from 1 choice Sep 5 18:03:59 hal kernel: hub 1-0:1.0: USB hub found Sep 5 18:03:59 hal kernel: hub 1-0:1.0: 6 ports detected Sep 5 18:03:59 hal kernel: USB Universal Host Controller Interface driver v3.0 Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:10.0[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 5 18:03:59 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.0, from 5 to 1 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.0: UHCI Host Controller Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.0: irq 193, io base 0x0000d800 Sep 5 18:03:59 hal kernel: usb usb2: configuration #1 chosen from 1 choice Sep 5 18:03:59 hal kernel: hub 2-0:1.0: USB hub found Sep 5 18:03:59 hal kernel: hub 2-0:1.0: 2 ports detected Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:10.1[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 5 18:03:59 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.1, from 5 to 1 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.1: UHCI Host Controller Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.1: new USB bus registered, assigned bus number 3 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.1: irq 193, io base 
0x0000d400 Sep 5 18:03:59 hal kernel: usb usb3: configuration #1 chosen from 1 choice Sep 5 18:03:59 hal kernel: hub 3-0:1.0: USB hub found Sep 5 18:03:59 hal kernel: hub 3-0:1.0: 2 ports detected Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:10.2[B] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 5 18:03:59 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.2, from 11 to 1 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.2: UHCI Host Controller Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.2: new USB bus registered, assigned bus number 4 Sep 5 18:03:59 hal kernel: uhci_hcd 0000:00:10.2: irq 193, io base 0x0000d000 Sep 5 18:03:59 hal kernel: usb usb4: configuration #1 chosen from 1 choice Sep 5 18:03:59 hal kernel: hub 4-0:1.0: USB hub found Sep 5 18:03:59 hal kernel: hub 4-0:1.0: 2 ports detected Sep 5 18:03:59 hal kernel: md: Autodetecting RAID arrays. Sep 5 18:03:59 hal kernel: md: autorun ... Sep 5 18:03:59 hal kernel: md: ... autorun DONE. Sep 5 18:03:59 hal kernel: ACPI: Power Button (FF) [PWRF] Sep 5 18:03:59 hal kernel: ACPI: Power Button (CM) [PWRB] Sep 5 18:03:59 hal kernel: ACPI: Sleep Button (CM) [SLPB] Sep 5 18:03:59 hal kernel: ibm_acpi: Unknown symbol backlight_device_unregister Sep 5 18:03:59 hal kernel: ibm_acpi: Unknown symbol backlight_device_register Sep 5 18:03:59 hal kernel: kjournald starting. Commit interval 5 seconds Sep 5 18:03:59 hal kernel: EXT3 FS on sda1, internal journal Sep 5 18:03:59 hal kernel: EXT3-fs: mounted filesystem with ordered data mode. Sep 5 18:03:59 hal kernel: Adding 1966072k swap on /dev/VolGroup00/LogVol01. 
Priority:-1 extents:1 across:1966072k Sep 5 18:03:59 hal kernel: ACPI: PCI Interrupt 0000:00:0d.0[A] -> GSI 17 (level, low) -> IRQ 201 Sep 5 18:03:59 hal kernel: firewire_ohci: Added fw-ohci device 0000:00:0d.0, OHCI version 1.10 Sep 5 18:03:59 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 5 18:03:59 hal kernel: firewire_core: created new fw device fw0 (0 config rom retries) Sep 5 18:03:59 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 5 18:03:59 hal kernel: Velocity is AUTO mode Sep 5 18:03:59 hal kernel: eth0: Link autonegation speed 100M bps full duplex Sep 5 18:03:59 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 5 18:03:59 hal kernel: Netfilter messages via NETLINK v0.30. Sep 5 18:03:59 hal kernel: ip_conntrack version 2.4 (7679 buckets, 61432 max) - 228 bytes per conntrack Sep 5 18:04:00 hal kernel: CSLIP: code copyright 1989 Regents of the University of California Sep 5 18:04:00 hal kernel: PPP generic driver version 2.4.2 Sep 5 18:04:00 hal kernel: PPP MPPE Compression module registered Sep 5 18:04:00 hal kernel: ip_conntrack_pptp version 3.1 loaded Sep 5 18:04:00 hal firewall: succeeded Sep 5 18:04:00 hal netfs: Mounting other filesystems: succeeded Sep 5 18:03:31 hal rc.sysinit: -e Sep 5 18:03:31 hal rc.sysinit: -e Sep 5 18:03:31 hal sysctl: net.ipv4.ip_forward = 0 Sep 5 18:03:31 hal sysctl: net.ipv4.conf.default.rp_filter = 1 Sep 5 18:03:31 hal sysctl: net.ipv4.conf.default.accept_source_route = 0 Sep 5 18:03:31 hal sysctl: kernel.sysrq = 0 Sep 5 18:03:31 hal sysctl: kernel.core_uses_pid = 1 Sep 5 18:03:31 hal rc.sysinit: Configuring kernel parameters: succeeded Sep 5 18:03:31 hal date: Sat Sep 5 18:03:31 CEST 2009 Sep 5 18:03:31 hal rc.sysinit: Setting clock (localtime): Sat Sep 5 18:03:31 CEST 2009 succeeded Sep 5 18:03:31 hal rc.sysinit: Loading default keymap succeeded Sep 5 18:03:31 hal rc.sysinit: Setting hostname hal.home.lan: succeeded Sep 5 18:03:31 hal fsck: /dev/VolGroup00/LogVol00: clean, 
86167/712704 files, 1274432/5701632 blocks Sep 5 18:03:31 hal rc.sysinit: Checking root filesystem succeeded Sep 5 18:03:31 hal rc.sysinit: Remounting root filesystem in read-write mode: succeeded Sep 5 18:03:33 hal lvm.static: 2 logical volume(s) in volume group VolGroup00 now active Sep 5 18:03:33 hal rc.sysinit: Setting up Logical Volume Management: succeeded Sep 5 18:03:33 hal fsck: /boot: clean, 34/13104 files, 5828/104388 blocks Sep 5 18:03:33 hal fsck: /dev/sda1: clean, 24364/122109952 files, 131191670/244190000 blocks Sep 5 18:03:33 hal rc.sysinit: Checking filesystems succeeded Sep 5 18:03:34 hal rc.sysinit: Mounting local filesystems: succeeded Sep 5 18:03:34 hal rc.sysinit: Enabling local filesystem quotas: succeeded Sep 5 18:03:34 hal rc.sysinit: Enabling swap space: succeeded Sep 5 18:03:34 hal init: Entering runlevel: 3 Sep 5 18:03:35 hal vgchange: 2 logical volume(s) in volume group "VolGroup00" monitored Sep 5 18:03:35 hal lvm2-monitor: Starting monitoring for VG VolGroup00: succeeded Sep 5 18:03:53 hal kudzu: succeeded Sep 5 18:03:53 hal sysctl: net.ipv4.ip_forward = 0 Sep 5 18:03:53 hal sysctl: net.ipv4.conf.default.rp_filter = 1 Sep 5 18:03:53 hal sysctl: net.ipv4.conf.default.accept_source_route = 0 Sep 5 18:03:53 hal sysctl: kernel.sysrq = 0 Sep 5 18:03:53 hal sysctl: kernel.core_uses_pid = 1 Sep 5 18:03:53 hal network: Setting network parameters: succeeded Sep 5 18:03:54 hal network: Bringing up loopback interface: succeeded Sep 5 18:03:58 hal network: Bringing up interface eth0: succeeded Sep 5 18:04:01 hal ldap: succeeded Sep 5 18:04:01 hal ldap: slapd startup succeeded Sep 5 18:04:01 hal ldap: slurpd startup succeeded Sep 5 18:04:01 hal acpid: acpid startup succeeded Sep 5 18:04:02 hal kernel: NET: Registered protocol family 10 Sep 5 18:04:02 hal kernel: lo: Disabled Privacy Extensions Sep 5 18:04:02 hal kernel: IPv6 over IPv4 tunneling driver Sep 5 18:04:02 hal sshd: succeeded Sep 5 18:04:03 hal webconfig: webconfig startup succeeded Sep 5 
18:04:04 hal mysqld: Starting MySQL: succeeded Sep 5 18:04:09 hal runuser: [09-09-05 18:04:09.4492] main::init (320) Starting Squeezebox Server (v7.4, r28420, Thu Sep 3 04:02:25 PDT 2009) perl 5.008008 Sep 5 18:04:09 hal squeezeboxserver: squeezeboxserver startup succeeded Sep 5 18:04:10 hal gpm[2250]: *** info [startup.c(95)]: Sep 5 18:04:10 hal gpm[2250]: Started gpm successfully. Entered daemon mode. Sep 5 18:04:10 hal gpm: gpm startup succeeded Sep 5 18:04:10 hal crond: crond startup succeeded Sep 5 18:04:13 hal smb: smbd startup succeeded Sep 5 18:04:13 hal smb: nmbd startup succeeded Sep 5 18:04:17 hal saslauthd[2336]: detach_tty : master pid is: 2336 Sep 5 18:04:17 hal saslauthd[2336]: ipc_init : listening on socket: /var/run/saslauthd/mux Sep 5 18:04:17 hal saslauthd: saslauthd startup succeeded Sep 5 18:04:17 hal kolabd: Starting kolabd: Sep 5 18:04:17 hal kolabd: succeeded Sep 5 18:04:17 hal kolabd:  Sep 5 18:04:17 hal kolabd: Sep 5 18:04:17 hal rc: Starting kolabd: succeeded Sep 5 18:04:30 hal snortsam: snortsam startup succeeded Sep 5 18:04:31 hal kolabd[2348]: Kolab is starting up Sep 5 18:04:31 hal kernel: eth0: Promiscuous mode enabled. 
Sep 5 18:04:31 hal kernel: device eth0 entered promiscuous mode Sep 5 18:04:31 hal kernel: audit(1252166671.622:3): dev=eth0 prom=256 old_prom=0 auid=4294967295 Sep 5 18:04:31 hal snort[2480]: Initializing daemon mode Sep 5 18:04:31 hal snort: snort startup succeeded Sep 5 18:04:31 hal snort[2481]: PID path stat checked out ok, PID path set to /var/run/ Sep 5 18:04:31 hal snort[2481]: Writing PID "2481" to file "/var/run//snort_eth0.pid" Sep 5 18:04:31 hal snort[2481]: Parsing Rules file /etc/snort.conf Sep 5 18:04:31 hal snort[2481]: ,-----------[Flow Config]---------------------- Sep 5 18:04:31 hal snort[2481]: | Stats Interval: 0 Sep 5 18:04:31 hal snort[2481]: | Hash Method: 2 Sep 5 18:04:31 hal snort[2481]: | Memcap: 10485760 Sep 5 18:04:31 hal snort[2481]: | Rows : 4099 Sep 5 18:04:31 hal snort[2481]: | Overhead Bytes: 16400(%0.16) Sep 5 18:04:31 hal snort[2481]: `---------------------------------------------- Sep 5 18:04:31 hal snort[2481]: Frag3 global config: Sep 5 18:04:31 hal snort[2481]: Max frags: 65536 Sep 5 18:04:31 hal snort[2481]: Fragment memory cap: 4194304 bytes Sep 5 18:04:31 hal snort[2481]: Frag3 engine config: Sep 5 18:04:31 hal snort[2481]: Target-based policy: FIRST Sep 5 18:04:31 hal snort[2481]: Fragment timeout: 60 seconds Sep 5 18:04:31 hal snort[2481]: Fragment min_ttl: 1 Sep 5 18:04:31 hal snort[2481]: Fragment ttl_limit: 5 Sep 5 18:04:31 hal snort[2481]: Fragment Problems: 1 Sep 5 18:04:31 hal snort[2481]: Bound Addresses: 0.0.0.0/0.0.0.0 Sep 5 18:04:31 hal snort[2481]: Stream4 config: Sep 5 18:04:31 hal snort[2481]: Stateful inspection: ACTIVE Sep 5 18:04:31 hal snort[2481]: Session statistics: INACTIVE Sep 5 18:04:31 hal snort[2481]: Session timeout: 30 seconds Sep 5 18:04:31 hal snort[2481]: Session memory cap: 8388608 bytes Sep 5 18:04:31 hal snort[2481]: Session count max: 8192 sessions Sep 5 18:04:31 hal snort[2481]: Session cleanup count: 5 Sep 5 18:04:31 hal snort[2481]: State alerts: INACTIVE Sep 5 18:04:31 hal snort[2481]: 
Evasion alerts: INACTIVE Sep 5 18:04:31 hal snort[2481]: Scan alerts: INACTIVE Sep 5 18:04:31 hal snort[2481]: Log Flushed Streams: INACTIVE Sep 5 18:04:31 hal snort[2481]: MinTTL: 1 Sep 5 18:04:31 hal snort[2481]: TTL Limit: 5 Sep 5 18:04:31 hal snort[2481]: Async Link: 0 Sep 5 18:04:31 hal snort[2481]: State Protection: 0 Sep 5 18:04:31 hal snort[2481]: Self preservation threshold: 50 Sep 5 18:04:31 hal snort[2481]: Self preservation period: 90 Sep 5 18:04:31 hal snort[2481]: Suspend threshold: 200 Sep 5 18:04:31 hal snort[2481]: Suspend period: 30 Sep 5 18:04:31 hal snort[2481]: Enforce TCP State: INACTIVE Sep 5 18:04:31 hal snort[2481]: Midstream Drop Alerts: INACTIVE Sep 5 18:04:31 hal snort[2481]: Server Data Inspection Limit: -1 Sep 5 18:04:31 hal snort[2481]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0) Sep 5 18:04:31 hal snort[2481]: Stream4_reassemble config: Sep 5 18:04:31 hal snort[2481]: Server reassembly: INACTIVE Sep 5 18:04:31 hal snort[2481]: Client reassembly: ACTIVE Sep 5 18:04:31 hal snort[2481]: Reassembler alerts: ACTIVE Sep 5 18:04:31 hal snort[2481]: Zero out flushed packets: INACTIVE Sep 5 18:04:31 hal snort[2481]: Flush stream on alert: INACTIVE Sep 5 18:04:31 hal snort[2481]: flush_data_diff_size: 500 Sep 5 18:04:31 hal snort[2481]: Reassembler Packet Preferance : Favor Old Sep 5 18:04:31 hal snort[2481]: Packet Sequence Overlap Limit: -1 Sep 5 18:04:31 hal snort[2481]: Flush behavior: Small (<255 bytes) Sep 5 18:04:31 hal snort[2481]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306 Sep 5 18:04:31 hal snort[2481]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306 Sep 5 18:04:31 hal snort[2481]: rpc_decode arguments: Sep 5 18:04:31 hal snort[2481]: Ports to decode RPC on: 111 32771 Sep 5 18:04:31 hal snort[2481]: alert_fragments: INACTIVE Sep 5 18:04:31 hal snort[2481]: alert_large_fragments: ACTIVE Sep 5 18:04:31 hal 
snort[2481]: alert_incomplete: ACTIVE Sep 5 18:04:31 hal snort[2481]: alert_multiple_requests: ACTIVE Sep 5 18:04:31 hal snort[2481]: telnet_decode arguments: Sep 5 18:04:31 hal snort[2481]: Ports to decode telnet on: 21 23 25 119 Sep 5 18:04:31 hal snort[2481]: Portscan Detection Config: Sep 5 18:04:31 hal snort[2481]: Detect Protocols: TCP UDP ICMP IP Sep 5 18:04:31 hal snort[2481]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan Sep 5 18:04:31 hal snort[2481]: Sensitivity Level: Low Sep 5 18:04:31 hal snort[2481]: Memcap (in bytes): 10000000 Sep 5 18:04:31 hal snort[2481]: Number of Nodes: 36900 Sep 5 18:04:31 hal snort[2481]: Sep 5 18:04:31 hal snort[2481]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1. Sep 5 18:04:31 hal suvad: Starting suvad: Sep 5 18:04:32 hal su(pam_unix)[2492]: session opened for user suva by (uid=0) Sep 5 18:04:34 hal su(pam_unix)[2492]: session closed for user suva Sep 5 18:04:34 hal suvad: succeeded Sep 5 18:04:34 hal suvad:  Sep 5 18:04:34 hal suvad: Sep 5 18:04:34 hal rc: Starting suvad: succeeded Sep 5 18:04:35 hal snort[2481]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked. 
Sep 5 18:04:35 hal snort[2481]: Sep 5 18:04:35 hal snort[2481]: +-----------------------[thresholding-config]---------------------------------- Sep 5 18:04:35 hal snort[2481]: | memory-cap : 1048576 bytes Sep 5 18:04:35 hal snort[2481]: +-----------------------[thresholding-global]---------------------------------- Sep 5 18:04:35 hal snort[2481]: | none Sep 5 18:04:35 hal snort[2481]: +-----------------------[thresholding-local]----------------------------------- Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30 Sep 5 
18:04:35 hal snort[2481]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60 Sep 5 18:04:35 hal snort[2481]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60 Sep 5 18:04:35 hal snort[2481]: +-----------------------[suppression]------------------------------------------ Sep 5 18:04:35 hal snort[2481]: | none Sep 5 18:04:35 hal snort[2481]: ------------------------------------------------------------------------------- Sep 5 18:04:35 hal snort[2481]: Rule application order: ->activation->dynamic->drop->alert->pass->log Sep 5 18:04:35 hal snort[2481]: Log directory = /var/log/snort Sep 5 18:04:35 hal snort[2481]: Snort initialization completed successfully (pid=2481) Sep 5 18:04:36 hal syswatch: syswatch startup succeeded Sep 5 18:04:41 hal ldap: slapd shutdown succeeded Sep 5 18:04:41 hal ldap: slurpd shutdown succeeded Sep 5 18:04:41 hal ldap: succeeded Sep 5 18:04:41 hal ldap: slapd startup succeeded Sep 5 18:04:41 hal ldap: slurpd startup succeeded Sep 5 18:04:41 hal smb: smbd shutdown succeeded Sep 5 18:04:42 hal smb: nmbd shutdown succeeded Sep 5 18:04:42 hal smb: smbd startup succeeded Sep 5 18:04:42 hal smb: nmbd startup succeeded Sep 5 18:04:43 hal firewall: succeeded Sep 5 18:04:44 hal snortsam: snortsam shutdown succeeded Sep 5 18:04:45 hal snortsam: snortsam startup succeeded Sep 5 18:04:39 hal ntpdate[3114]: step time server 195.13.23.5 offset -6.270575 sec Sep 5 18:05:52 hal snort[2481]: INFO => 
[Alert_FWsam] Had to use initial key! Sep 5 18:05:52 hal snort[2481]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1. Sep 5 19:25:32 hal sshd(pam_unix)[2829]: session opened for user root by (uid=0) Sep 5 19:25:38 hal squeezeboxserver: squeezeboxserver shutdown failed Sep 5 19:31:25 hal squeezeboxserver: squeezeboxserver shutdown failed Sep 5 19:33:57 hal runuser: [09-09-05 19:33:57.0641] main::init (320) Starting Squeezebox Server (v7.4, r28449, Sat Sep 5 04:02:22 PDT 2009) perl 5.008008 Sep 5 19:33:57 hal squeezeboxserver: squeezeboxserver startup succeeded Sep 5 19:34:00 hal sshd(pam_unix)[2829]: session closed for user root Sep 5 22:45:15 hal shutdown: shutting down for system halt Sep 5 22:45:17 hal init: Switching to runlevel: 0 Sep 5 22:45:18 hal suvad: succeeded Sep 5 22:45:18 hal suvad: Stopping suvad: Sep 5 22:45:18 hal suvad: Sep 5 22:45:18 hal rc: Stopping suvad: succeeded Sep 5 22:45:18 hal syswatch: syswatch shutdown succeeded Sep 5 22:45:18 hal saslauthd[2336]: server_exit : master exited: 2336 Sep 5 22:45:18 hal saslauthd: saslauthd shutdown succeeded Sep 5 22:45:18 hal gpm: gpm shutdown succeeded Sep 5 22:45:18 hal sshd: sshd shutdown succeeded Sep 5 22:45:18 hal squeezeboxserver: squeezeboxserver shutdown failed Sep 5 22:45:20 hal smb: smbd shutdown succeeded Sep 5 22:45:20 hal smb: nmbd shutdown succeeded Sep 5 22:45:22 hal mysqld: Stopping MySQL: succeeded Sep 5 22:45:22 hal webconfig: webconfig shutdown succeeded Sep 5 22:45:23 hal acpid: acpid shutdown succeeded Sep 5 22:45:23 hal crond: crond shutdown succeeded Sep 5 22:45:23 hal ldap: slapd shutdown succeeded Sep 5 22:45:23 hal ldap: slurpd shutdown succeeded Sep 5 22:45:23 hal kolabd[2348]: Kolab is shutting down Sep 5 22:45:23 hal kolabd: kolabd shutdown succeeded Sep 5 22:45:24 hal kernel: Kernel logging (proc) stopped. Sep 5 22:45:24 hal kernel: Kernel log daemon terminating. 
Sep 5 22:45:25 hal syslog: klogd shutdown succeeded Sep 5 22:45:25 hal exiting on signal 15 Sep 6 08:07:04 hal syslogd 1.4.1: restart. Sep 6 08:07:04 hal syslog: syslogd startup succeeded Sep 6 08:07:04 hal kernel: klogd 1.4.1, log source = /proc/kmsg started. Sep 6 08:07:04 hal syslog: klogd startup succeeded Sep 6 08:07:04 hal kernel: Inspecting /boot/System.map-2.6.18-53.1.13.2.cc Sep 6 08:07:05 hal kernel: Loaded 31104 symbols from /boot/System.map-2.6.18-53.1.13.2.cc. Sep 6 08:07:05 hal kernel: Symbols match kernel version 2.6.18. Sep 6 08:07:05 hal kernel: No module symbols loaded - kernel modules not enabled. Sep 6 08:07:05 hal kernel: Linux version 2.6.18-53.1.13.2.cc (darryl@cc4devel.lan) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-8)) #1 SMP Wed Feb 27 18:26:42 EST 2008 Sep 6 08:07:05 hal kernel: BIOS-provided physical RAM map: Sep 6 08:07:05 hal kernel: BIOS-e820: 0000000000000000 - 000000000009f800 (usable) Sep 6 08:07:05 hal kernel: BIOS-e820: 000000000009f800 - 00000000000a0000 (reserved) Sep 6 08:07:05 hal kernel: BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved) Sep 6 08:07:05 hal kernel: BIOS-e820: 0000000000100000 - 000000003bff0000 (usable) Sep 6 08:07:05 hal kernel: BIOS-e820: 000000003bff0000 - 000000003bff3000 (ACPI NVS) Sep 6 08:07:05 hal kernel: BIOS-e820: 000000003bff3000 - 000000003c000000 (ACPI data) Sep 6 08:07:05 hal kernel: BIOS-e820: 00000000fec00000 - 00000000fec01000 (reserved) Sep 6 08:07:05 hal kernel: BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved) Sep 6 08:07:05 hal kernel: BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved) Sep 6 08:07:05 hal kernel: 63MB HIGHMEM available. Sep 6 08:07:05 hal kernel: 896MB LOWMEM available. 
Sep 6 08:07:05 hal kernel: found SMP MP-table at 000f3800 Sep 6 08:07:05 hal kernel: Memory for crash kernel (0x0 to 0x0) notwithin permissible range Sep 6 08:07:05 hal kernel: disabling kdump Sep 6 08:07:05 hal kernel: Using x86 segment limits to approximate NX protection Sep 6 08:07:05 hal kernel: DMI 2.3 present. Sep 6 08:07:05 hal kernel: Using APIC driver default Sep 6 08:07:05 hal kernel: ACPI: acpi=force override Sep 6 08:07:05 hal kernel: ACPI: PM-Timer IO Port: 0x408 Sep 6 08:07:05 hal kernel: ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled) Sep 6 08:07:05 hal kernel: Processor #0 6:10 APIC version 20 Sep 6 08:07:05 hal kernel: ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1]) Sep 6 08:07:05 hal kernel: ACPI: IOAPIC (id[0x02] address[0xfec00000] gsi_base[0]) Sep 6 08:07:05 hal kernel: IOAPIC[0]: apic_id 2, version 3, address 0xfec00000, GSI 0-23 Sep 6 08:07:05 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) Sep 6 08:07:05 hal kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level) Sep 6 08:07:05 hal kernel: Enabling APIC mode: Flat. Using 1 I/O APICs Sep 6 08:07:05 hal kernel: Using ACPI (MADT) for SMP configuration information Sep 6 08:07:05 hal kernel: Allocating PCI resources starting at 40000000 (gap: 3c000000:c2c00000) Sep 6 08:07:05 hal kernel: Detected 1197.031 MHz processor. Sep 6 08:07:05 hal kernel: Built 1 zonelists. Total pages: 245744 Sep 6 08:07:05 hal kernel: Kernel command line: ro root=/dev/VolGroup00/LogVol00 video=vga16fb vga=771 acpi=force Sep 6 08:07:05 hal kernel: Enabling fast FPU save and restore... done. Sep 6 08:07:05 hal kernel: Enabling unmasked SIMD FPU exception support... done. 
Sep 6 08:07:05 hal kernel: Initializing CPU#0 Sep 6 08:07:05 hal kernel: CPU 0 irqstacks, hard=c0765000 soft=c0745000 Sep 6 08:07:05 hal kernel: PID hash table entries: 4096 (order: 12, 16384 bytes) Sep 6 08:07:05 hal kernel: Console: colour dummy device 80x25 Sep 6 08:07:05 hal kernel: Dentry cache hash table entries: 131072 (order: 7, 524288 bytes) Sep 6 08:07:05 hal kernel: Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) Sep 6 08:07:05 hal kernel: Memory: 968908k/982976k available (2163k kernel code, 13460k reserved, 915k data, 228k init, 65472k highmem) Sep 6 08:07:05 hal kernel: Checking if this processor honours the WP bit even in supervisor mode... Ok. Sep 6 08:07:05 hal kernel: Calibrating delay using timer specific routine.. 2395.97 BogoMIPS (lpj=1197985) Sep 6 08:07:05 hal kernel: Security Framework v1.0.0 initialized Sep 6 08:07:05 hal kernel: SELinux: Initializing. Sep 6 08:07:05 hal kernel: selinux_register_security: Registering secondary module capability Sep 6 08:07:05 hal kernel: Capability LSM initialized as secondary Sep 6 08:07:05 hal kernel: Mount-cache hash table entries: 512 Sep 6 08:07:05 hal kernel: CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line) Sep 6 08:07:05 hal kernel: CPU: L2 Cache: 128K (64 bytes/line) Sep 6 08:07:05 hal kernel: Checking 'hlt' instruction... OK. Sep 6 08:07:05 hal kernel: SMP alternatives: switching to UP code Sep 6 08:07:05 hal kernel: Freeing SMP alternatives: 14k freed Sep 6 08:07:05 hal kernel: ACPI: Core revision 20060707 Sep 6 08:07:05 hal kernel: CPU0: Centaur VIA Esther processor 1200MHz stepping 09 Sep 6 08:07:05 hal kernel: Total of 1 processors activated (2395.97 BogoMIPS). Sep 6 08:07:05 hal kernel: ENABLING IO-APIC IRQs Sep 6 08:07:05 hal kernel: ..TIMER: vector=0x31 apic1=0 pin1=2 apic2=-1 pin2=-1 Sep 6 08:07:05 hal kernel: Brought up 1 CPUs Sep 6 08:07:05 hal kernel: checking if image is initramfs... 
it is Sep 6 08:07:05 hal kernel: Freeing initrd memory: 913k freed Sep 6 08:07:05 hal kernel: NET: Registered protocol family 16 Sep 6 08:07:05 hal kernel: ACPI: bus type pci registered Sep 6 08:07:05 hal kernel: PCI: PCI BIOS revision 2.10 entry at 0xf93b0, last bus=1 Sep 6 08:07:05 hal kernel: PCI: Using configuration type 1 Sep 6 08:07:05 hal kernel: Setting up standard PCI resources Sep 6 08:07:05 hal kernel: ACPI: Interpreter enabled Sep 6 08:07:05 hal kernel: ACPI: Using IOAPIC for interrupt routing Sep 6 08:07:05 hal kernel: ACPI: PCI Root Bridge [PCI0] (0000:00) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKA] (IRQs 3 4 6 7 10 11 12) *5 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKB] (IRQs 3 4 6 7 10 *11 12) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKC] (IRQs 3 4 6 7 *10 11 12) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKD] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKE] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNKF] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNK0] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [LNK1] (IRQs 3 4 6 7 10 11 12) *0, disabled. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKA] (IRQs *20) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKB] (IRQs *21) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKC] (IRQs *22) Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKD] (IRQs *23), disabled. 
Sep 6 08:07:05 hal kernel: Linux Plug and Play Support v0.97 (c) Adam Belay Sep 6 08:07:05 hal kernel: pnp: PnP ACPI init Sep 6 08:07:05 hal kernel: pnp: PnP ACPI: found 10 devices Sep 6 08:07:05 hal kernel: usbcore: registered new driver usbfs Sep 6 08:07:05 hal kernel: usbcore: registered new driver hub Sep 6 08:07:05 hal kernel: PCI: Using ACPI for IRQ routing Sep 6 08:07:05 hal kernel: PCI: If a device doesn't work, try "pci=routeirq". If it helps, post a report Sep 6 08:07:05 hal kernel: NetLabel: Initializing Sep 6 08:07:05 hal kernel: NetLabel: domain hash size = 128 Sep 6 08:07:05 hal kernel: NetLabel: protocols = UNLABELED CIPSOv4 Sep 6 08:07:05 hal kernel: NetLabel: unlabeled traffic allowed by default Sep 6 08:07:05 hal kernel: pnp: 00:02: ioport range 0x400-0x47f could not be reserved Sep 6 08:07:05 hal kernel: pnp: 00:02: ioport range 0x500-0x50f has been reserved Sep 6 08:07:05 hal kernel: PCI: Bridge: 0000:00:01.0 Sep 6 08:07:05 hal kernel: IO window: b000-bfff Sep 6 08:07:05 hal kernel: MEM window: fb000000-fcffffff Sep 6 08:07:05 hal kernel: PREFETCH window: f4000000-f7ffffff Sep 6 08:07:05 hal kernel: NET: Registered protocol family 2 Sep 6 08:07:05 hal kernel: IP route cache hash table entries: 32768 (order: 5, 131072 bytes) Sep 6 08:07:05 hal kernel: TCP established hash table entries: 131072 (order: 8, 1048576 bytes) Sep 6 08:07:05 hal kernel: TCP bind hash table entries: 65536 (order: 7, 524288 bytes) Sep 6 08:07:05 hal kernel: TCP: Hash tables configured (established 131072 bind 65536) Sep 6 08:07:05 hal kernel: TCP reno registered Sep 6 08:07:05 hal kernel: apm: BIOS version 1.2 Flags 0x07 (Driver version 1.16ac) Sep 6 08:07:05 hal kernel: apm: overridden by ACPI. 
Sep 6 08:07:05 hal kernel: audit: initializing netlink socket (disabled) Sep 6 08:07:05 hal kernel: audit(1252224368.843:1): initialized Sep 6 08:07:05 hal kernel: highmem bounce pool size: 64 pages Sep 6 08:07:05 hal kernel: Total HugeTLB memory allocated, 0 Sep 6 08:07:05 hal kernel: VFS: Disk quotas dquot_6.5.1 Sep 6 08:07:05 hal kernel: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes) Sep 6 08:07:05 hal kernel: Initializing Cryptographic API Sep 6 08:07:05 hal kernel: ksign: Installing public key data Sep 6 08:07:05 hal kernel: Loading keyring Sep 6 08:07:05 hal kernel: io scheduler noop registered Sep 6 08:07:05 hal kernel: io scheduler anticipatory registered Sep 6 08:07:05 hal kernel: io scheduler deadline registered Sep 6 08:07:05 hal kernel: io scheduler cfq registered (default) Sep 6 08:07:05 hal kernel: PCI: Bypassing VIA 8237 APIC De-Assert Message Sep 6 08:07:05 hal kernel: pci_hotplug: PCI Hot Plug PCI Core version: 0.5 Sep 6 08:07:05 hal kernel: vesafb: framebuffer at 0xf4000000, mapped to 0xf8880000, using 937k, total 65536k Sep 6 08:07:05 hal kernel: vesafb: mode is 800x600x8, linelength=800, pages=127 Sep 6 08:07:05 hal kernel: vesafb: protected mode interface info at c000:aa5e Sep 6 08:07:05 hal kernel: vesafb: pmi: set display start = c00caaac, set palette = c00cab1d Sep 6 08:07:05 hal kernel: vesafb: scrolling: redraw Sep 6 08:07:05 hal kernel: vesafb: Pseudocolor: size=8:8:8:8, shift=0:0:0:0 Sep 6 08:07:05 hal kernel: Console: switching to colour frame buffer device 100x37 Sep 6 08:07:05 hal kernel: fb0: VESA VGA frame buffer device Sep 6 08:07:05 hal kernel: ACPI: Fan [FAN] (on) Sep 6 08:07:05 hal kernel: ACPI: CPU0 (power states: C1[C1] C2[C2] C3[C3]) Sep 6 08:07:05 hal kernel: ACPI: Processor [CPU0] (supports 2 throttling states) Sep 6 08:07:05 hal kernel: ACPI: Thermal Zone [THRM] (27 C) Sep 6 08:07:05 hal kernel: isapnp: Scanning for PnP cards... 
Sep 6 08:07:05 hal kernel: isapnp: No Plug & Play device found Sep 6 08:07:05 hal kernel: Real Time Clock Driver v1.12ac Sep 6 08:07:05 hal kernel: Non-volatile memory driver v1.2 Sep 6 08:07:05 hal kernel: Linux agpgart interface v0.101 (c) Dave Jones Sep 6 08:07:05 hal kernel: agpgart: Detected VIA P4M800CE chipset Sep 6 08:07:05 hal kernel: agpgart: AGP aperture is 128M @ 0xe8000000 Sep 6 08:07:05 hal kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing enabled Sep 6 08:07:05 hal kernel: serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A Sep 6 08:07:05 hal kernel: serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A Sep 6 08:07:05 hal kernel: 00:08: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A Sep 6 08:07:05 hal kernel: 00:09: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A Sep 6 08:07:05 hal kernel: Floppy drive(s): fd0 is unknown type 15 (usb?), fd1 is unknown type 15 (usb?) Sep 6 08:07:05 hal kernel: floppy0: no floppy controllers found Sep 6 08:07:05 hal kernel: RAMDISK driver initialized: 16 RAM disks of 16384K size 4096 blocksize Sep 6 08:07:05 hal kernel: Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2 Sep 6 08:07:05 hal kernel: ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx Sep 6 08:07:05 hal kernel: VP_IDE: IDE controller at PCI slot 0000:00:0f.1 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKA] enabled at IRQ 20 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:0f.1[A] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169 Sep 6 08:07:05 hal kernel: PCI: VIA IRQ fixup for 0000:00:0f.1, from 255 to 9 Sep 6 08:07:05 hal kernel: VP_IDE: chipset revision 6 Sep 6 08:07:05 hal kernel: VP_IDE: not 100% native mode: will probe irqs later Sep 6 08:07:05 hal kernel: VP_IDE: VIA vt8237 (rev 00) IDE UDMA133 controller on pci0000:00:0f.1 Sep 6 08:07:05 hal kernel: ide0: BM-DMA at 0xdc00-0xdc07, BIOS settings: hda:DMA, hdb:DMA Sep 6 08:07:05 hal kernel: ide1: BM-DMA at 0xdc08-0xdc0f, BIOS settings: hdc:pio, 
hdd:pio Sep 6 08:07:05 hal kernel: hda: MC8GE08G5MPP, ATA DISK drive Sep 6 08:07:05 hal kernel: hdb: TSSTcorpDVD-ROM SH-D162D, ATAPI CD/DVD-ROM drive Sep 6 08:07:05 hal kernel: ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 Sep 6 08:07:05 hal kernel: hda: max request size: 128KiB Sep 6 08:07:05 hal kernel: hda: 15649200 sectors (8012 MB), CHS=15525/16/63, UDMA(66) Sep 6 08:07:05 hal kernel: hda: cache flushes supported Sep 6 08:07:05 hal kernel: hda: hda1 hda2 Sep 6 08:07:05 hal kernel: ide-floppy driver 0.99.newide Sep 6 08:07:05 hal kernel: usbcore: registered new driver hiddev Sep 6 08:07:05 hal kernel: usbcore: registered new driver usbhid Sep 6 08:07:05 hal kernel: drivers/usb/input/hid-core.c: v2.6:USB HID core driver Sep 6 08:07:05 hal kernel: PNP: No PS/2 controller found. Probing ports directly. Sep 6 08:07:05 hal kernel: serio: i8042 KBD port at 0x60,0x64 irq 1 Sep 6 08:07:05 hal kernel: mice: PS/2 mouse device common for all mice Sep 6 08:07:05 hal kernel: md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27 Sep 6 08:07:05 hal kernel: md: bitmap version 4.39 Sep 6 08:07:05 hal kernel: TCP bic registered Sep 6 08:07:05 hal kernel: Initializing IPsec netlink socket Sep 6 08:07:05 hal kernel: NET: Registered protocol family 1 Sep 6 08:07:05 hal kernel: NET: Registered protocol family 17 Sep 6 08:07:05 hal kernel: Using IPI No-Shortcut mode Sep 6 08:07:05 hal kernel: ACPI: (supports S0 S3 S4 S5) Sep 6 08:07:05 hal kernel: Time: tsc clocksource has been installed. Sep 6 08:07:05 hal kernel: Freeing unused kernel memory: 228k freed Sep 6 08:07:05 hal kernel: Time: acpi_pm clocksource has been installed. 
Sep 6 08:07:05 hal kernel: Write protecting the kernel read-only data: 386k Sep 6 08:07:05 hal kernel: SCSI subsystem initialized Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:0f.0[B] -> Link [ALKA] -> GSI 20 (level, low) -> IRQ 169 Sep 6 08:07:05 hal kernel: sata_via 0000:00:0f.0: routed to hard irq line 11 Sep 6 08:07:05 hal kernel: scsi0 : sata_via Sep 6 08:07:05 hal kernel: scsi1 : sata_via Sep 6 08:07:05 hal kernel: ata1: SATA max UDMA/133 cmd 0x0001f400 ctl 0x0001f002 bmdma 0x0001e400 irq 169 Sep 6 08:07:05 hal kernel: ata2: SATA max UDMA/133 cmd 0x0001ec00 ctl 0x0001e802 bmdma 0x0001e408 irq 169 Sep 6 08:07:05 hal kernel: ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Sep 6 08:07:05 hal kernel: ata1.00: ATA-8: WDC WD1000FYPS-01ZKB0, 02.01B01, max UDMA/133 Sep 6 08:07:05 hal kernel: ata1.00: 1953525168 sectors, multi 16: LBA48 NCQ (depth 0/32) Sep 6 08:07:05 hal kernel: ata1.00: configured for UDMA/133 Sep 6 08:07:05 hal kernel: ata2: SATA link down 1.5 Gbps (SStatus 0 SControl 300) Sep 6 08:07:05 hal kernel: Vendor: ATA Model: WDC WD1000FYPS-0 Rev: 02.0 Sep 6 08:07:05 hal kernel: Type: Direct-Access ANSI SCSI revision: 05 Sep 6 08:07:05 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB) Sep 6 08:07:05 hal kernel: sda: Write Protect is off Sep 6 08:07:05 hal kernel: SCSI device sda: drive cache: write back Sep 6 08:07:05 hal kernel: SCSI device sda: 1953525168 512-byte hdwr sectors (1000205 MB) Sep 6 08:07:05 hal kernel: sda: Write Protect is off Sep 6 08:07:05 hal kernel: SCSI device sda: drive cache: write back Sep 6 08:07:05 hal kernel: sda: sda1 Sep 6 08:07:05 hal kernel: sd 0:0:0:0: Attached scsi disk sda Sep 6 08:07:05 hal kernel: device-mapper: ioctl: 4.11.0-ioctl (2006-09-14) initialised: dm-devel@redhat.com Sep 6 08:07:05 hal kernel: SELinux: Disabled at runtime. 
Sep 6 08:07:05 hal kernel: audit(1252224375.938:2): selinux=0 auid=4294967295 Sep 6 08:07:05 hal kernel: VIA Networking Velocity Family Gigabit Ethernet Adapter Driver Ver. 1.13 Sep 6 08:07:05 hal kernel: Copyright (c) 2002, 2003 VIA Networking Technologies, Inc. Sep 6 08:07:05 hal kernel: Copyright (c) 2004 Red Hat Inc. Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:0e.0[A] -> GSI 18 (level, low) -> IRQ 177 Sep 6 08:07:05 hal kernel: eth0: VIA Networking Velocity Family Gigabit Ethernet Adapter Sep 6 08:07:05 hal kernel: eth0: Ethernet Address: 00:40:63:F2:0B:C3 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKC] enabled at IRQ 22 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:11.5[C] -> Link [ALKC] -> GSI 22 (level, low) -> IRQ 185 Sep 6 08:07:05 hal kernel: viafb: VIA UNICHROME framebuffer 1.0 initializing Sep 6 08:07:05 hal kernel: viafb: viafb : F8B80000 Sep 6 08:07:05 hal kernel: viafb: framebuffer size = 64 Mb Sep 6 08:07:05 hal kernel: viafb: request_mem_region for framebuffer failed! 
Sep 6 08:07:05 hal kernel: viafb: probe of 0000:01:00.0 failed with error -1 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt Link [ALKB] enabled at IRQ 21 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:10.4[C] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 6 08:07:05 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.4, from 10 to 1 Sep 6 08:07:05 hal kernel: ehci_hcd 0000:00:10.4: EHCI Host Controller Sep 6 08:07:05 hal kernel: ehci_hcd 0000:00:10.4: new USB bus registered, assigned bus number 1 Sep 6 08:07:05 hal kernel: ehci_hcd 0000:00:10.4: irq 193, io mem 0xfdffd000 Sep 6 08:07:05 hal kernel: ehci_hcd 0000:00:10.4: USB 2.0 started, EHCI 1.00, driver 10 Dec 2004 Sep 6 08:07:05 hal kernel: usb usb1: configuration #1 chosen from 1 choice Sep 6 08:07:05 hal kernel: hub 1-0:1.0: USB hub found Sep 6 08:07:05 hal kernel: hub 1-0:1.0: 6 ports detected Sep 6 08:07:05 hal kernel: USB Universal Host Controller Interface driver v3.0 Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:10.0[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 6 08:07:05 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.0, from 5 to 1 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.0: UHCI Host Controller Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.0: irq 193, io base 0x0000d800 Sep 6 08:07:05 hal kernel: usb usb2: configuration #1 chosen from 1 choice Sep 6 08:07:05 hal kernel: hub 2-0:1.0: USB hub found Sep 6 08:07:05 hal kernel: hub 2-0:1.0: 2 ports detected Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:10.1[A] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 6 08:07:05 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.1, from 5 to 1 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.1: UHCI Host Controller Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.1: new USB bus registered, assigned bus number 3 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.1: irq 193, io base 
0x0000d400 Sep 6 08:07:05 hal kernel: usb usb3: configuration #1 chosen from 1 choice Sep 6 08:07:05 hal kernel: hub 3-0:1.0: USB hub found Sep 6 08:07:05 hal kernel: hub 3-0:1.0: 2 ports detected Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:10.2[B] -> Link [ALKB] -> GSI 21 (level, low) -> IRQ 193 Sep 6 08:07:05 hal kernel: PCI: VIA IRQ fixup for 0000:00:10.2, from 11 to 1 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.2: UHCI Host Controller Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.2: new USB bus registered, assigned bus number 4 Sep 6 08:07:05 hal kernel: uhci_hcd 0000:00:10.2: irq 193, io base 0x0000d000 Sep 6 08:07:05 hal kernel: usb usb4: configuration #1 chosen from 1 choice Sep 6 08:07:05 hal kernel: hub 4-0:1.0: USB hub found Sep 6 08:07:05 hal kernel: hub 4-0:1.0: 2 ports detected Sep 6 08:07:05 hal kernel: md: Autodetecting RAID arrays. Sep 6 08:07:05 hal kernel: md: autorun ... Sep 6 08:07:05 hal kernel: md: ... autorun DONE. Sep 6 08:07:05 hal kernel: ACPI: Power Button (FF) [PWRF] Sep 6 08:07:05 hal kernel: ACPI: Power Button (CM) [PWRB] Sep 6 08:07:05 hal kernel: ACPI: Sleep Button (CM) [SLPB] Sep 6 08:07:05 hal kernel: ibm_acpi: Unknown symbol backlight_device_unregister Sep 6 08:07:05 hal kernel: ibm_acpi: Unknown symbol backlight_device_register Sep 6 08:07:05 hal kernel: kjournald starting. Commit interval 5 seconds Sep 6 08:07:05 hal kernel: EXT3 FS on sda1, internal journal Sep 6 08:07:05 hal kernel: EXT3-fs: mounted filesystem with ordered data mode. Sep 6 08:07:05 hal kernel: Adding 1966072k swap on /dev/VolGroup00/LogVol01. 
Priority:-1 extents:1 across:1966072k Sep 6 08:07:05 hal kernel: ACPI: PCI Interrupt 0000:00:0d.0[A] -> GSI 17 (level, low) -> IRQ 201 Sep 6 08:07:05 hal kernel: firewire_ohci: Added fw-ohci device 0000:00:0d.0, OHCI version 1.10 Sep 6 08:07:05 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 6 08:07:05 hal kernel: firewire_core: created new fw device fw0 (0 config rom retries) Sep 6 08:07:05 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 6 08:07:05 hal kernel: Velocity is AUTO mode Sep 6 08:07:05 hal kernel: eth0: Link autonegation speed 100M bps full duplex Sep 6 08:07:05 hal kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Sep 6 08:07:05 hal kernel: Netfilter messages via NETLINK v0.30. Sep 6 08:07:05 hal kernel: ip_conntrack version 2.4 (7679 buckets, 61432 max) - 228 bytes per conntrack Sep 6 08:07:06 hal kernel: CSLIP: code copyright 1989 Regents of the University of California Sep 6 08:07:06 hal kernel: PPP generic driver version 2.4.2 Sep 6 08:07:06 hal kernel: PPP MPPE Compression module registered Sep 6 08:07:06 hal kernel: ip_conntrack_pptp version 3.1 loaded Sep 6 08:07:06 hal firewall: succeeded Sep 6 08:07:06 hal netfs: Mounting other filesystems: succeeded Sep 6 08:06:37 hal rc.sysinit: -e Sep 6 08:06:37 hal rc.sysinit: -e Sep 6 08:06:37 hal sysctl: net.ipv4.ip_forward = 0 Sep 6 08:06:37 hal sysctl: net.ipv4.conf.default.rp_filter = 1 Sep 6 08:06:37 hal sysctl: net.ipv4.conf.default.accept_source_route = 0 Sep 6 08:06:37 hal sysctl: kernel.sysrq = 0 Sep 6 08:06:37 hal sysctl: kernel.core_uses_pid = 1 Sep 6 08:06:37 hal rc.sysinit: Configuring kernel parameters: succeeded Sep 6 08:06:37 hal date: Sun Sep 6 08:06:37 CEST 2009 Sep 6 08:06:37 hal rc.sysinit: Setting clock (localtime): Sun Sep 6 08:06:37 CEST 2009 succeeded Sep 6 08:06:37 hal rc.sysinit: Loading default keymap succeeded Sep 6 08:06:37 hal rc.sysinit: Setting hostname hal.home.lan: succeeded Sep 6 08:06:37 hal fsck: /dev/VolGroup00/LogVol00: clean, 
86200/712704 files, 1276516/5701632 blocks
Sep 6 08:06:37 hal rc.sysinit: Checking root filesystem succeeded
Sep 6 08:06:37 hal rc.sysinit: Remounting root filesystem in read-write mode: succeeded
Sep 6 08:06:39 hal lvm.static: 2 logical volume(s) in volume group VolGroup00 now active
Sep 6 08:06:39 hal rc.sysinit: Setting up Logical Volume Management: succeeded
Sep 6 08:06:39 hal fsck: /boot: clean, 34/13104 files, 5828/104388 blocks
Sep 6 08:06:39 hal fsck: /dev/sda1: clean, 24364/122109952 files, 131191670/244190000 blocks
Sep 6 08:06:39 hal rc.sysinit: Checking filesystems succeeded
Sep 6 08:06:40 hal rc.sysinit: Mounting local filesystems: succeeded
Sep 6 08:06:40 hal rc.sysinit: Enabling local filesystem quotas: succeeded
Sep 6 08:06:40 hal rc.sysinit: Enabling swap space: succeeded
Sep 6 08:06:40 hal init: Entering runlevel: 3
Sep 6 08:06:41 hal vgchange: 2 logical volume(s) in volume group "VolGroup00" monitored
Sep 6 08:06:41 hal lvm2-monitor: Starting monitoring for VG VolGroup00: succeeded
Sep 6 08:06:59 hal kudzu: succeeded
Sep 6 08:06:59 hal sysctl: net.ipv4.ip_forward = 0
Sep 6 08:06:59 hal sysctl: net.ipv4.conf.default.rp_filter = 1
Sep 6 08:06:59 hal sysctl: net.ipv4.conf.default.accept_source_route = 0
Sep 6 08:06:59 hal sysctl: kernel.sysrq = 0
Sep 6 08:06:59 hal sysctl: kernel.core_uses_pid = 1
Sep 6 08:06:59 hal network: Setting network parameters: succeeded
Sep 6 08:07:00 hal network: Bringing up loopback interface: succeeded
Sep 6 08:07:04 hal network: Bringing up interface eth0: succeeded
Sep 6 08:07:07 hal ldap: succeeded
Sep 6 08:07:07 hal ldap: slapd startup succeeded
Sep 6 08:07:07 hal ldap: slurpd startup succeeded
Sep 6 08:07:07 hal acpid: acpid startup succeeded
Sep 6 08:07:08 hal kernel: NET: Registered protocol family 10
Sep 6 08:07:08 hal kernel: lo: Disabled Privacy Extensions
Sep 6 08:07:08 hal kernel: IPv6 over IPv4 tunneling driver
Sep 6 08:07:08 hal sshd: succeeded
Sep 6 08:07:09 hal webconfig: webconfig startup succeeded
Sep 6 08:07:11 hal mysqld: Starting MySQL: succeeded
Sep 6 08:07:16 hal runuser: [09-09-06 08:07:16.2667] main::init (320) Starting Squeezebox Server (v7.4, r28449, Sat Sep 5 04:02:22 PDT 2009) perl 5.008008
Sep 6 08:07:16 hal squeezeboxserver: squeezeboxserver startup succeeded
Sep 6 08:07:16 hal gpm[2251]: *** info [startup.c(95)]:
Sep 6 08:07:16 hal gpm[2251]: Started gpm successfully. Entered daemon mode.
Sep 6 08:07:17 hal gpm: gpm startup succeeded
Sep 6 08:07:17 hal crond: crond startup succeeded
Sep 6 08:07:20 hal smb: smbd startup succeeded
Sep 6 08:07:24 hal smb: nmbd startup succeeded
Sep 6 08:07:25 hal saslauthd[2336]: detach_tty : master pid is: 2336
Sep 6 08:07:25 hal saslauthd[2336]: ipc_init : listening on socket: /var/run/saslauthd/mux
Sep 6 08:07:25 hal saslauthd: saslauthd startup succeeded
Sep 6 08:07:25 hal kolabd: Starting kolabd:
Sep 6 08:07:25 hal kolabd: succeeded
Sep 6 08:07:25 hal kolabd:
Sep 6 08:07:25 hal kolabd:
Sep 6 08:07:25 hal rc: Starting kolabd: succeeded
Sep 6 08:07:27 hal kolabd[2348]: Kolab is starting up
Sep 6 08:07:34 hal snortsam: snortsam startup succeeded
Sep 6 08:07:37 hal kernel: eth0: Promiscuous mode enabled.
Sep 6 08:07:37 hal kernel: device eth0 entered promiscuous mode
Sep 6 08:07:37 hal kernel: audit(1252217257.889:3): dev=eth0 prom=256 old_prom=0 auid=4294967295
Sep 6 08:07:37 hal snort[2482]: Initializing daemon mode
Sep 6 08:07:37 hal snort: snort startup succeeded
Sep 6 08:07:37 hal snort[2483]: PID path stat checked out ok, PID path set to /var/run/
Sep 6 08:07:37 hal snort[2483]: Writing PID "2483" to file "/var/run//snort_eth0.pid"
Sep 6 08:07:38 hal snort[2483]: Parsing Rules file /etc/snort.conf
Sep 6 08:07:38 hal snort[2483]: ,-----------[Flow Config]----------------------
Sep 6 08:07:38 hal snort[2483]: | Stats Interval: 0
Sep 6 08:07:38 hal snort[2483]: | Hash Method: 2
Sep 6 08:07:38 hal snort[2483]: | Memcap: 10485760
Sep 6 08:07:38 hal snort[2483]: | Rows : 4099
Sep 6 08:07:38 hal snort[2483]: | Overhead Bytes: 16400(%0.16)
Sep 6 08:07:38 hal snort[2483]: `----------------------------------------------
Sep 6 08:07:38 hal snort[2483]: Frag3 global config:
Sep 6 08:07:38 hal snort[2483]: Max frags: 65536
Sep 6 08:07:38 hal snort[2483]: Fragment memory cap: 4194304 bytes
Sep 6 08:07:38 hal snort[2483]: Frag3 engine config:
Sep 6 08:07:38 hal snort[2483]: Target-based policy: FIRST
Sep 6 08:07:38 hal snort[2483]: Fragment timeout: 60 seconds
Sep 6 08:07:38 hal snort[2483]: Fragment min_ttl: 1
Sep 6 08:07:38 hal snort[2483]: Fragment ttl_limit: 5
Sep 6 08:07:38 hal snort[2483]: Fragment Problems: 1
Sep 6 08:07:38 hal snort[2483]: Bound Addresses: 0.0.0.0/0.0.0.0
Sep 6 08:07:38 hal snort[2483]: Stream4 config:
Sep 6 08:07:38 hal snort[2483]: Stateful inspection: ACTIVE
Sep 6 08:07:38 hal snort[2483]: Session statistics: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Session timeout: 30 seconds
Sep 6 08:07:38 hal snort[2483]: Session memory cap: 8388608 bytes
Sep 6 08:07:38 hal snort[2483]: Session count max: 8192 sessions
Sep 6 08:07:38 hal snort[2483]: Session cleanup count: 5
Sep 6 08:07:38 hal snort[2483]: State alerts: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Evasion alerts: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Scan alerts: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Log Flushed Streams: INACTIVE
Sep 6 08:07:38 hal snort[2483]: MinTTL: 1
Sep 6 08:07:38 hal snort[2483]: TTL Limit: 5
Sep 6 08:07:38 hal snort[2483]: Async Link: 0
Sep 6 08:07:38 hal snort[2483]: State Protection: 0
Sep 6 08:07:38 hal snort[2483]: Self preservation threshold: 50
Sep 6 08:07:38 hal snort[2483]: Self preservation period: 90
Sep 6 08:07:38 hal snort[2483]: Suspend threshold: 200
Sep 6 08:07:38 hal snort[2483]: Suspend period: 30
Sep 6 08:07:38 hal snort[2483]: Enforce TCP State: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Midstream Drop Alerts: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Server Data Inspection Limit: -1
Sep 6 08:07:38 hal snort[2483]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Sep 6 08:07:38 hal snort[2483]: Stream4_reassemble config:
Sep 6 08:07:38 hal snort[2483]: Server reassembly: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Client reassembly: ACTIVE
Sep 6 08:07:38 hal snort[2483]: Reassembler alerts: ACTIVE
Sep 6 08:07:38 hal snort[2483]: Zero out flushed packets: INACTIVE
Sep 6 08:07:38 hal snort[2483]: Flush stream on alert: INACTIVE
Sep 6 08:07:38 hal snort[2483]: flush_data_diff_size: 500
Sep 6 08:07:38 hal snort[2483]: Reassembler Packet Preferance : Favor Old
Sep 6 08:07:38 hal snort[2483]: Packet Sequence Overlap Limit: -1
Sep 6 08:07:38 hal snort[2483]: Flush behavior: Small (<255 bytes)
Sep 6 08:07:38 hal snort[2483]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Sep 6 08:07:38 hal snort[2483]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Sep 6 08:07:38 hal snort[2483]: rpc_decode arguments:
Sep 6 08:07:38 hal snort[2483]: Ports to decode RPC on: 111 32771
Sep 6 08:07:38 hal snort[2483]: alert_fragments: INACTIVE
Sep 6 08:07:38 hal snort[2483]: alert_large_fragments: ACTIVE
Sep 6 08:07:38 hal snort[2483]: alert_incomplete: ACTIVE
Sep 6 08:07:38 hal snort[2483]: alert_multiple_requests: ACTIVE
Sep 6 08:07:38 hal suvad: Starting suvad:
Sep 6 08:07:38 hal snort[2483]: telnet_decode arguments:
Sep 6 08:07:38 hal snort[2483]: Ports to decode telnet on: 21 23 25 119
Sep 6 08:07:38 hal snort[2483]: Portscan Detection Config:
Sep 6 08:07:38 hal snort[2483]: Detect Protocols: TCP UDP ICMP IP
Sep 6 08:07:38 hal snort[2483]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Sep 6 08:07:38 hal snort[2483]: Sensitivity Level: Low
Sep 6 08:07:38 hal snort[2483]: Memcap (in bytes): 10000000
Sep 6 08:07:38 hal snort[2483]: Number of Nodes: 36900
Sep 6 08:07:38 hal snort[2483]:
Sep 6 08:07:38 hal snort[2483]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Sep 6 08:07:38 hal su(pam_unix)[2495]: session opened for user suva by (uid=0)
Sep 6 08:07:39 hal su(pam_unix)[2495]: session closed for user suva
Sep 6 08:07:39 hal suvad: succeeded
Sep 6 08:07:39 hal suvad:
Sep 6 08:07:39 hal suvad:
Sep 6 08:07:39 hal rc: Starting suvad: succeeded
Sep 6 08:07:42 hal snort[2483]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Sep 6 08:07:42 hal snort[2483]:
Sep 6 08:07:42 hal snort[2483]: +-----------------------[thresholding-config]----------------------------------
Sep 6 08:07:42 hal snort[2483]: | memory-cap : 1048576 bytes
Sep 6 08:07:42 hal snort[2483]: +-----------------------[thresholding-global]----------------------------------
Sep 6 08:07:42 hal snort[2483]: | none
Sep 6 08:07:42 hal snort[2483]: +-----------------------[thresholding-local]-----------------------------------
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
Sep 6 08:07:42 hal snort[2483]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60
Sep 6 08:07:42 hal snort[2483]: +-----------------------[suppression]------------------------------------------
Sep 6 08:07:42 hal snort[2483]: | none
Sep 6 08:07:42 hal snort[2483]: -------------------------------------------------------------------------------
Sep 6 08:07:42 hal snort[2483]: Rule application order: ->activation->dynamic->drop->alert->pass->log
Sep 6 08:07:42 hal snort[2483]: Log directory = /var/log/snort
Sep 6 08:07:42 hal snort[2483]: Snort initialization completed successfully (pid=2483)
Sep 6 08:07:43 hal syswatch: syswatch startup succeeded
Sep 6 08:07:51 hal ldap: slapd shutdown succeeded
Sep 6 08:07:51 hal ldap: slurpd shutdown succeeded
Sep 6 08:07:51 hal ldap: succeeded
Sep 6 08:07:51 hal ldap: slapd startup succeeded
Sep 6 08:07:52 hal ldap: slurpd startup succeeded
Sep 6 08:07:52 hal smb: smbd shutdown succeeded
Sep 6 08:07:52 hal smb: nmbd shutdown succeeded
Sep 6 08:07:52 hal smb: smbd startup succeeded
Sep 6 08:07:52 hal smb: nmbd startup succeeded
Sep 6 08:07:53 hal firewall: succeeded
Sep 6 08:07:54 hal snortsam: snortsam shutdown succeeded
Sep 6 08:07:55 hal snortsam: snortsam startup succeeded
Sep 6 08:07:53 hal ntpdate[3122]: step time server 195.13.23.5 offset -2.876283 sec
Sep 6 08:26:54 hal snort[2483]: INFO => [Alert_FWsam] Had to use initial key!
Sep 6 08:26:54 hal snort[2483]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Sep 6 11:38:12 hal kernel: mysqld invoked oom-killer: gfp_mask=0x201d2, order=0, oomkilladj=0
Sep 6 11:38:23 hal kernel: [out_of_memory+118/257] out_of_memory+0x76/0x101
Sep 6 11:38:23 hal kernel: [] out_of_memory+0x76/0x101
Sep 6 11:38:23 hal kernel: [__alloc_pages+513/646] __alloc_pages+0x201/0x286
Sep 6 11:38:23 hal kernel: [] __alloc_pages+0x201/0x286
Sep 6 11:38:23 hal kernel: [__do_page_cache_readahead+193/287] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:38:23 hal kernel: [] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:38:23 hal kernel: [filemap_nopage+361/784] filemap_nopage+0x169/0x310
Sep 6 11:38:23 hal kernel: [] filemap_nopage+0x169/0x310
Sep 6 11:38:23 hal kernel: [do_no_page+145/704] do_no_page+0x91/0x2c0
Sep 6 11:38:23 hal kernel: [] do_no_page+0x91/0x2c0
Sep 6 11:38:23 hal kernel: [apic_timer_interrupt+31/36] apic_timer_interrupt+0x1f/0x24
Sep 6 11:38:23 hal kernel: [] apic_timer_interrupt+0x1f/0x24
Sep 6 11:38:23 hal kernel: [__handle_mm_fault+259/516] __handle_mm_fault+0x103/0x204
Sep 6 11:38:23 hal kernel: [] __handle_mm_fault+0x103/0x204
Sep 6 11:38:23 hal kernel: [do_page_fault+563/1254] do_page_fault+0x233/0x4e6
Sep 6 11:38:23 hal kernel: [] do_page_fault+0x233/0x4e6
Sep 6 11:38:23 hal kernel: [do_page_fault+0/1254] do_page_fault+0x0/0x4e6
Sep 6 11:38:23 hal kernel: [] do_page_fault+0x0/0x4e6
Sep 6 11:38:23 hal kernel: [error_code+57/64] error_code+0x39/0x40
Sep 6 11:38:23 hal kernel: [] error_code+0x39/0x40
Sep 6 11:38:23 hal kernel: =======================
Sep 6 11:38:23 hal kernel: Mem-info:
Sep 6 11:38:23 hal kernel: DMA per-cpu:
Sep 6 11:38:23 hal kernel: cpu 0 hot: high 0, batch 1 used:0
Sep 6 11:38:23 hal kernel: cpu 0 cold: high 0, batch 1 used:0
Sep 6 11:38:23 hal kernel: DMA32 per-cpu: empty
Sep 6 11:38:23 hal kernel: Normal per-cpu:
Sep 6 11:38:23 hal kernel: cpu 0 hot: high 186, batch 31 used:17
Sep 6 11:38:23 hal kernel: cpu 0 cold: high 62, batch 15 used:14
Sep 6 11:38:23 hal kernel: HighMem per-cpu:
Sep 6 11:38:23 hal kernel: cpu 0 hot: high 18, batch 3 used:17
Sep 6 11:38:23 hal kernel: cpu 0 cold: high 6, batch 1 used:1
Sep 6 11:38:23 hal kernel: Free pages: 9736kB (128kB HighMem)
Sep 6 11:38:23 hal kernel: Active:118551 inactive:116901 dirty:0 writeback:0 unstable:0 free:2434 slab:1753 mapped-file:113 mapped-anon:234866 pagetables:926
Sep 6 11:38:23 hal kernel: DMA free:3840kB min:68kB low:84kB high:100kB active:4332kB inactive:4016kB present:16384kB pages_scanned:15108 all_unreclaimable? yes
Sep 6 11:38:23 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:38:23 hal kernel: DMA32 free:0kB min:0kB low:0kB high:0kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no
Sep 6 11:38:23 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:38:23 hal kernel: Normal free:5768kB min:3756kB low:4692kB high:5632kB active:438544kB inactive:433368kB present:901120kB pages_scanned:1736778 all_unreclaimable? yes
Sep 6 11:38:23 hal kernel: lowmem_reserve[]: 0 0 0 511
Sep 6 11:38:23 hal kernel: HighMem free:128kB min:128kB low:196kB high:264kB active:31328kB inactive:30220kB present:65472kB pages_scanned:109743 all_unreclaimable? yes
Sep 6 11:38:23 hal kernel: lowmem_reserve[]: 0 0 0 0
Sep 6 11:38:23 hal kernel: DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 1*256kB 1*512kB 1*1024kB 1*2048kB 0*4096kB = 3840kB
Sep 6 11:38:23 hal kernel: DMA32: empty
Sep 6 11:38:23 hal kernel: Normal: 0*4kB 9*8kB 2*16kB 1*32kB 0*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 0*2048kB 1*4096kB = 5768kB
Sep 6 11:38:23 hal kernel: HighMem: 0*4kB 2*8kB 1*16kB 1*32kB 1*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 128kB
Sep 6 11:38:23 hal kernel: Swap cache: add 498357, delete 498357, find 4304/5003, race 0+0
Sep 6 11:38:23 hal kernel: Free swap = 0kB
Sep 6 11:38:23 hal kernel: Total swap = 1966072kB
Sep 6 11:38:23 hal kernel: Free swap: 0kB
Sep 6 11:38:23 hal kernel: 245744 pages of RAM
Sep 6 11:38:23 hal kernel: 16368 pages of HIGHMEM
Sep 6 11:38:23 hal kernel: 3204 reserved pages
Sep 6 11:38:23 hal kernel: 1212 pages shared
Sep 6 11:38:23 hal kernel: 0 pages swap cached
Sep 6 11:38:23 hal kernel: 0 pages dirty
Sep 6 11:38:23 hal kernel: 0 pages writeback
Sep 6 11:38:23 hal kernel: 113 pages mapped
Sep 6 11:38:23 hal kernel: 1753 pages slab
Sep 6 11:38:23 hal kernel: 926 pages pagetables
Sep 6 11:38:23 hal kernel: Out of memory: Killed process 2252 (mysqld).
Sep 6 11:40:39 hal kernel: syslogd invoked oom-killer: gfp_mask=0x201d2, order=0, oomkilladj=0
Sep 6 11:40:39 hal kernel: [out_of_memory+118/257] out_of_memory+0x76/0x101
Sep 6 11:40:39 hal kernel: [] out_of_memory+0x76/0x101
Sep 6 11:40:39 hal kernel: [__alloc_pages+513/646] __alloc_pages+0x201/0x286
Sep 6 11:40:39 hal kernel: [] __alloc_pages+0x201/0x286
Sep 6 11:40:39 hal kernel: [__do_page_cache_readahead+193/287] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:40:39 hal kernel: [] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:40:39 hal kernel: [filemap_nopage+361/784] filemap_nopage+0x169/0x310
Sep 6 11:40:39 hal kernel: [] filemap_nopage+0x169/0x310
Sep 6 11:40:39 hal kernel: [do_no_page+145/704] do_no_page+0x91/0x2c0
Sep 6 11:40:39 hal kernel: [] do_no_page+0x91/0x2c0
Sep 6 11:40:39 hal kernel: [__handle_mm_fault+259/516] __handle_mm_fault+0x103/0x204
Sep 6 11:40:39 hal kernel: [] __handle_mm_fault+0x103/0x204
Sep 6 11:40:39 hal kernel: [do_page_fault+563/1254] do_page_fault+0x233/0x4e6
Sep 6 11:40:39 hal kernel: [] do_page_fault+0x233/0x4e6
Sep 6 11:40:39 hal kernel: [sys_sigreturn+185/221] sys_sigreturn+0xb9/0xdd
Sep 6 11:40:39 hal kernel: [] sys_sigreturn+0xb9/0xdd
Sep 6 11:40:39 hal kernel: [do_page_fault+0/1254] do_page_fault+0x0/0x4e6
Sep 6 11:40:39 hal kernel: [] do_page_fault+0x0/0x4e6
Sep 6 11:40:39 hal kernel: [error_code+57/64] error_code+0x39/0x40
Sep 6 11:40:39 hal kernel: [] error_code+0x39/0x40
Sep 6 11:40:39 hal kernel: =======================
Sep 6 11:40:39 hal kernel: Mem-info:
Sep 6 11:40:39 hal kernel: DMA per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 0, batch 1 used:0
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 0, batch 1 used:0
Sep 6 11:40:39 hal kernel: DMA32 per-cpu: empty
Sep 6 11:40:39 hal kernel: Normal per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 186, batch 31 used:59
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 62, batch 15 used:55
Sep 6 11:40:39 hal kernel: HighMem per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 18, batch 3 used:13
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 6, batch 1 used:5
Sep 6 11:40:39 hal kernel: Free pages: 9756kB (128kB HighMem)
Sep 6 11:40:39 hal kernel: Active:82610 inactive:153059 dirty:0 writeback:0 unstable:0 free:2439 slab:1680 mapped-file:12 mapped-anon:235032 pagetables:922
Sep 6 11:40:39 hal kernel: DMA free:3840kB min:68kB low:84kB high:100kB active:4220kB inactive:4124kB present:16384kB pages_scanned:15328 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:40:39 hal kernel: DMA32 free:0kB min:0kB low:0kB high:0kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:40:39 hal kernel: Normal free:5788kB min:3756kB low:4692kB high:5632kB active:295456kB inactive:577604kB present:901120kB pages_scanned:15248736 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 0 511
Sep 6 11:40:39 hal kernel: HighMem free:128kB min:128kB low:196kB high:264kB active:30764kB inactive:30508kB present:65472kB pages_scanned:132991 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 0 0
Sep 6 11:40:39 hal kernel: DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 1*256kB 1*512kB 1*1024kB 1*2048kB 0*4096kB = 3840kB
Sep 6 11:40:39 hal kernel: DMA32: empty
Sep 6 11:40:39 hal kernel: Normal: 1*4kB 7*8kB 4*16kB 1*32kB 2*64kB 1*128kB 1*256kB 0*512kB 1*1024kB 0*2048kB 1*4096kB = 5788kB
Sep 6 11:40:39 hal kernel: HighMem: 0*4kB 2*8kB 1*16kB 1*32kB 1*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 128kB
Sep 6 11:40:39 hal kernel: Swap cache: add 505090, delete 505090, find 4450/5292, race 0+0
Sep 6 11:40:39 hal kernel: Free swap = 0kB
Sep 6 11:40:39 hal kernel: Total swap = 1966072kB
Sep 6 11:40:39 hal kernel: Free swap: 0kB
Sep 6 11:40:39 hal kernel: 245744 pages of RAM
Sep 6 11:40:39 hal kernel: 16368 pages of HIGHMEM
Sep 6 11:40:39 hal kernel: 3204 reserved pages
Sep 6 11:40:39 hal kernel: 246 pages shared
Sep 6 11:40:39 hal kernel: 0 pages swap cached
Sep 6 11:40:39 hal kernel: 0 pages dirty
Sep 6 11:40:39 hal kernel: 0 pages writeback
Sep 6 11:40:39 hal kernel: 12 pages mapped
Sep 6 11:40:39 hal kernel: 1680 pages slab
Sep 6 11:40:39 hal kernel: 922 pages pagetables
Sep 6 11:40:39 hal kernel: Out of memory: Killed process 2242 (squeezeboxserve).
Sep 6 11:40:39 hal kernel: webconfig invoked oom-killer: gfp_mask=0x201d2, order=0, oomkilladj=0
Sep 6 11:40:39 hal kernel: [out_of_memory+118/257] out_of_memory+0x76/0x101
Sep 6 11:40:39 hal kernel: [] out_of_memory+0x76/0x101
Sep 6 11:40:39 hal kernel: [__alloc_pages+513/646] __alloc_pages+0x201/0x286
Sep 6 11:40:39 hal kernel: [] __alloc_pages+0x201/0x286
Sep 6 11:40:39 hal kernel: [__do_page_cache_readahead+193/287] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:40:39 hal kernel: [] __do_page_cache_readahead+0xc1/0x11f
Sep 6 11:40:39 hal kernel: [filemap_nopage+361/784] filemap_nopage+0x169/0x310
Sep 6 11:40:39 hal kernel: [] filemap_nopage+0x169/0x310
Sep 6 11:40:39 hal kernel: [do_no_page+145/704] do_no_page+0x91/0x2c0
Sep 6 11:40:39 hal kernel: [] do_no_page+0x91/0x2c0
Sep 6 11:40:39 hal kernel: [do_swap_page+673/718] do_swap_page+0x2a1/0x2ce
Sep 6 11:40:39 hal kernel: [] do_swap_page+0x2a1/0x2ce
Sep 6 11:40:39 hal kernel: [__handle_mm_fault+259/516] __handle_mm_fault+0x103/0x204
Sep 6 11:40:39 hal kernel: [] __handle_mm_fault+0x103/0x204
Sep 6 11:40:39 hal kernel: [do_page_fault+563/1254] do_page_fault+0x233/0x4e6
Sep 6 11:40:39 hal kernel: [] do_page_fault+0x233/0x4e6
Sep 6 11:40:39 hal kernel: [do_page_fault+0/1254] do_page_fault+0x0/0x4e6
Sep 6 11:40:39 hal kernel: [] do_page_fault+0x0/0x4e6
Sep 6 11:40:39 hal kernel: [error_code+57/64] error_code+0x39/0x40
Sep 6 11:40:39 hal kernel: [] error_code+0x39/0x40
Sep 6 11:40:39 hal kernel: =======================
Sep 6 11:40:39 hal kernel: Mem-info:
Sep 6 11:40:39 hal kernel: DMA per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 0, batch 1 used:0
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 0, batch 1 used:0
Sep 6 11:40:39 hal kernel: DMA32 per-cpu: empty
Sep 6 11:40:39 hal kernel: Normal per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 186, batch 31 used:51
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 62, batch 15 used:48
Sep 6 11:40:39 hal kernel: HighMem per-cpu:
Sep 6 11:40:39 hal kernel: cpu 0 hot: high 18, batch 3 used:13
Sep 6 11:40:39 hal kernel: cpu 0 cold: high 6, batch 1 used:5
Sep 6 11:40:39 hal kernel: Free pages: 9756kB (128kB HighMem)
Sep 6 11:40:39 hal kernel: Active:91469 inactive:143877 dirty:0 writeback:0 unstable:0 free:2439 slab:1684 mapped-file:16 mapped-anon:235032 pagetables:922
Sep 6 11:40:39 hal kernel: DMA free:3840kB min:68kB low:84kB high:100kB active:4220kB inactive:4124kB present:16384kB pages_scanned:33696 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:40:39 hal kernel: DMA32 free:0kB min:0kB low:0kB high:0kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 880 943
Sep 6 11:40:39 hal kernel: Normal free:5788kB min:3756kB low:4692kB high:5632kB active:330844kB inactive:540816kB present:901120kB pages_scanned:1816885 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 0 511
Sep 6 11:40:39 hal kernel: HighMem free:128kB min:128kB low:196kB high:264kB active:30812kB inactive:30568kB present:65472kB pages_scanned:169855 all_unreclaimable? yes
Sep 6 11:40:39 hal kernel: lowmem_reserve[]: 0 0 0 0
Sep 6 11:40:39 hal kernel: DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 1*256kB 1*512kB 1*1024kB 1*2048kB 0*4096kB = 3840kB
Sep 6 11:40:39 hal kernel: DMA32: empty
Sep 6 11:40:39 hal kernel: Normal: 1*4kB 7*8kB 4*16kB 1*32kB 2*64kB 1*128kB 1*256kB 0*512kB 1*1024kB 0*2048kB 1*4096kB = 5788kB
Sep 6 11:40:39 hal kernel: HighMem: 0*4kB 2*8kB 1*16kB 1*32kB 1*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 128kB
Sep 6 11:40:39 hal kernel: Swap cache: add 505090, delete 505090, find 4450/5292, race 0+0
Sep 6 11:40:39 hal kernel: Free swap = 0kB
Sep 6 11:40:39 hal kernel: Total swap = 1966072kB
Sep 6 11:40:39 hal kernel: Free swap: 0kB
Sep 6 11:40:39 hal kernel: 245744 pages of RAM
Sep 6 11:40:39 hal kernel: 16368 pages of HIGHMEM
Sep 6 11:40:39 hal kernel: 3204 reserved pages
Sep 6 11:40:39 hal kernel: 565 pages shared
Sep 6 11:40:39 hal kernel: 0 pages swap cached
Sep 6 11:40:39 hal kernel: 0 pages dirty
Sep 6 11:40:39 hal kernel: 0 pages writeback
Sep 6 11:40:39 hal kernel: 16 pages mapped
Sep 6 11:40:39 hal kernel: 1684 pages slab
Sep 6 11:40:39 hal kernel: 922 pages pagetables
Sep 6 11:41:13 hal sshd(pam_unix)[1781]: session opened for user root by (uid=0)
Sep 6 11:42:08 hal sshd(pam_unix)[17011]: session opened for user root by (uid=0)