Suspicious grsec message on logs
Posted: Thu Mar 24, 2005 12:56 amHas anyone seen a message like this?
Mar 24 04:13:50 oopslala kernel: grsec: From xx.xx.xx.xx: (default:D:/usr/sbin/httpd) denied send of signal 14 to protected task /usr/sbin/sshd[sshd:30486] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 by /usr/sbin/httpd[httpd:29067] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2844] uid/euid:0/0 gid/egid:0/0
I'm using 2.4.29 and latest 2.1.4. Can't quite see why httpd would send a 14 to sshd, and i found nothing suspicious about the IP in question, just normal site browsing.
What could this mean? Maybe some weird grsec misunderstanding?!
Any input is appreciated.
Mar 24 04:13:50 oopslala kernel: grsec: From xx.xx.xx.xx: (default:D:/usr/sbin/httpd) denied send of signal 14 to protected task /usr/sbin/sshd[sshd:30486] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 by /usr/sbin/httpd[httpd:29067] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2844] uid/euid:0/0 gid/egid:0/0
I'm using 2.4.29 and latest 2.1.4. Can't quite see why httpd would send a 14 to sshd, and i found nothing suspicious about the IP in question, just normal site browsing.
What could this mean? Maybe some weird grsec misunderstanding?!
Any input is appreciated.