> I am bit confused here. I have just had some issues with my box and I > am looking for some opinions. I just had been denied access to my > box...supposedly from a memory shortage in reference to my NIC....more > specifically, mbuf clusters exhausted. Now I am looking in my > /var/log/messages for when this started and I notice a discrepancy in my > logs. Now from where I am looking, I see time in the logs go backwards. > You can see it as soon as the box is rebooted. Is there an explanation > for this? it could be that your BIOS time is conflicting with freebsd's - during your install did you select "YES" for "Does your BIOS keep track of time?" or whatever the question is... > The date on the box should not have changed during that reboot, as it > was in sync with ntp and still is. are you sure ntp is running? to check: root@box[~]% \ps -waux | grep ntp > Also, is there a way to make more than one copy of these logs?....I am > not sure how this is set up and but I would like to possibly have > another set of logs in place so if someone is editing them, I can catch > it. I know there is a chance that I may be overreacting., but just in > case I want to know. you can setup another machine to receive logs: http://isber.ucsb.edu/~randall/instructions/loghost/ or just % man 5 syslog.conf -randall -- randall s. ehren :// 805.893.5632 systems administrator :// isber.ucsb.edu institute for social, behavioral, and economic research _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"