Posts Tagged ‘logwatch’

Monitor System Logs With Logwatch

November 13th, 2008 3 comments

I mentioned in a recent post regarding postfix smtp via Gmail that I use the logwatch utility for monitoring my systems. Ever since I found this utility I have really enjoyed the daily snapshot that it gives me of each of my systems, whether local or remote. It covers everything from packages installed and removed to security notifications regarding unsuccessful login attempts. Here’s how to install and configure Logwatch.

Install The Package

sudo aptitude install logwatch

Configuration

The default configuration can be found in /usr/share/logwatch/default.conf/logwatch.conf.  Take a look around the file, but the main thing you might want to update:

Change MailTo = root to MailTo = user.name@domain.tld

I have my systems email me daily at my Gmail address, so each morning I get an overview of the previous day’s logs.

If you have problems with the mail actually getting out, you might want to check out my post regarding Postfix smtp via Gmail.
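
One way to script the MailTo change described above, as an added example that is not part of the original post. It assumes the edit is made in a local override file, /etc/logwatch/conf/logwatch.conf, which Logwatch reads on top of the packaged defaults under /usr/share; the function names and the sample file are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the
# sample file are hypothetical.

# set_logwatch_mailto FILE ADDRESS: make "MailTo = ADDRESS" the only
# active MailTo line in FILE. Safe to run repeatedly.
set_logwatch_mailto() {
    conf=$1
    addr=$2

    # Accept only a plain address or local user name, so nothing
    # unexpected is written into a config file read by a root-run job.
    case $addr in
        ''|*[!A-Za-z0-9@._+-]*) echo "invalid MailTo value" >&2; return 1 ;;
    esac

    tmp=$(mktemp) || return 1

    # Replace the first active MailTo line, drop later duplicates, and
    # append the setting if the file had none. Commented lines are kept.
    awk -v addr="$addr" '
        /^[ \t]*MailTo[ \t]*=/ {
            if (!done) { print "MailTo = " addr; done = 1 }
            next
        }
        { print }
        END { if (!done) print "MailTo = " addr }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Write through the existing file so its owner and mode are preserved.
    cat "$tmp" > "$conf" && rm -f "$tmp"
}

# mailto_of FILE: print the active MailTo value.
mailto_of() {
    awk -F= '/^[ \t]*MailTo[ \t]*=/ {
        gsub(/^[ \t]+|[ \t]+$/, "", $2); print $2
    }' "$1"
}

# Demo on a constructed sample file, not a real system config.
demo=$(mktemp)
printf '%s\n' '# constructed sample' 'Output = mail' 'MailTo = root' > "$demo"
set_logwatch_mailto "$demo" user.name@domain.tld
mailto_of "$demo"   # prints user.name@domain.tld
rm -f "$demo"
```

On a real system the call would be run as root against the override file, for example `set_logwatch_mailto /etc/logwatch/conf/logwatch.conf user.name@domain.tld`.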

Categories: Server

TCP: Treason Uncloaked?

July 4th, 2008 7 comments

Today, considering it is a holiday here in the US, I figured I’d take a day off from the tutorials and ask a question of you.

All of my servers run logwatch (which will make for a great tutorial coming up soon), and I pretty regularly see something like this in the daily output:

--------------------- Kernel Begin ------------------------

1 Time(s): TCP: Treason uncloaked! Peer XXX.XX.XX.XXX:XXXX/XX shrinks window 1898670412:1898670413. Repaired.
1 Time(s): TCP: Treason uncloaked! Peer XXX.XX.XX.XXX:XXXX/XX shrinks window 1911943385:1911943386. Repaired.
1 Time(s): TCP: Treason uncloaked! Peer XXX.XX.XX.XXX:XXXX/XX shrinks window 1922304386:1922304387. Repaired.
1 Time(s): TCP: Treason uncloaked! Peer XXX.XX.XX.XXX:XXXX/XX shrinks window 1922444120:1922444121. Repaired.
1 Time(s): TCP: Treason uncloaked! Peer XXX.XX.XX.XXX:XXXX/XX shrinks window 1949802160:1949802161. Repaired.

---------------------- Kernel End -------------------------

I’m not really sure what that means, but if anyone can offer me some feedback I’d appreciate it.  So far I’ve seen conflicting answers from basic Googling.

Categories: Linux