Need help: Receiving huge file - system check with security violations from server

A few days the NOC had to ghost content of the primary drive to a new primary drive because I started receiving kernel error messages in logwatch. Ghost were successfully except that we had to recompile apache afterwards. But since then I've received a huge file every day. The subject line of this file is:

server.domain.com 02/17/04:04.02 system check

The heading in this file is 'Security Violations'.

It looks like the tech at the NOC doesn't know what to do now as he is asking for suggestions. The tech I used blocked an IP for port scanning, but that didn't do anything good - also, part of the content with this file were only a small fraction of the entire file.

fsck's on all filesystems came back clean, and the diagnostics on both drives returned no error codes.

So I really needs some helpfíguring out what to do next. Can anybody here help?

Thanks
John

 

 

 

 

Top