summaryrefslogtreecommitdiff
path: root/logcheck/violations.ignore.d/temp
blob: a08d1b3d57fedbd6a28a35deeae1fcfed14e8266 (plain) 
    

  1. (imap|netatalk|pop|samba)\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=[^[:space:]]* ruser= rhost=[^[:space:]]*  user=[[:alnum:]]+$
    2. 

  2. afpd\[[0-9]+\]: afp_flushfork: of_find: Permission denied
    3. 

  3. afpd\[[0-9]+\]: afp_getsrvrparms: stat /volumes/(km/kmstab/kmstab|kp/kp(/kp|/kpstab|stab/kpstab)|misc/flstab/flstab): Permission denied
    4. 

  4. afpd\[[0-9]+\]: bad function 7A
    5. 

  5. afpd\[[0-9]+\]: cnid_open: Cannot establish logfile cleanup lock for database environment .*/\.AppleDB/cnid\.lock \(open\(\) failed\)
    6. 

  6. afpd\[[0-9]+\]: dsi_stream_read\(0\): Permission denied
    7. 

  7. afpd\[[0-9]+\]: error removing /.+/net[\.0-9]+node[0-9]+: Permission denied
    8. 

  8. afpd\[[0-9]+\]: uams_dhx_pam\.c :PAM: PAM_Error: Authentication failure -- (Bad file descriptor|Invalid argument)
    9. 

  9. IMP\[[0-9]+\]: FAILED .* to .*:143 as .*
    10. 

  10. i(map|pop3)d\[[0-9]+\]: (AUTHENTICATE (LOGIN|PLAIN) failure|Login failed)( user=.*)? host=(.* )?\[.*\]
    11. 

  11. kernel: IP_MASQ:reverse ICMP: failed checksum from .*!
    12. 

  12. kernel: Packet log: input DENY eth1 PROTO=1 0.0.0.0:5 10.0.0.40:1 L=427 S=0xD0 I=0 F=0x4000 T=255 \(#22\)
    13. 

  13. PAM_unix\[[0-9]+\]: authentication failure; \(uid=0\) -> .* for (imap|netatalk|pop|samba|ssh) service
    14. 

  14. portsentry\[[0-9]+\]: attackalert: .*
    15. 

  15. smbd\[[0-9]+\]:   api_rpcTNP: api_srvsvc_rpc: SRV_NET_SHARE_ADD failed. $
    16. 

  16. smbd\[[0-9]+\]:   read(_socket)?_data: (read|recv) failure for 4. Error = (No route to host|Connection reset by peer) $
    17. 

  17. smbd\[[0-9]+\]:   smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ !
    18. 

  18. smbd\[[0-9]+\]:   yield_connection: tdb_delete for name  failed with error Record does not exist\.
    19. 

  19. sshd\[[0-9]+\]: Failed password for .*
    20. 

  20. pumpd\[[0-9]+\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
    21. 

  21. postfix/smtpd\[[0-9]+\]: reject: .*: 550 <.*>: User unknown; .*
    22. 

  22. postfix/smtpd\[[0-9]+\]: reject: .*: 554 <.*>: Recipient address rejected: User unknown; .*
    23. 

  23. postfix.*\[[0-9]+\]: .* from=<(groove@mailomat.grooveattack.com|refused@maila.com)>
    24. 

  24. snort: spp_http_decode: IIS Unicode attack detected:
    25. 

  25. postgres\[[0-9]+\]: \[[0-9-]+\] DEBUG: .*
    26.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 18:14:51 +0000