For reasons of unknown cause, a huge size of syslog continues to be created

18.04 syslog

I am struggling with huge syslog files that occur frequently. In only 24 hours, 740G files were created, and a lots of addresses were recorded.

Even similar domains and ip addresses appear repeatedly.

syslog, syslog.1, syslog.2.gz, syslog.3.gz, syslog.4.gz, syslog.5.gz, syslog.6.gz, syslog.7.gz Eight files have been created, all of which are 1.5T in size.

These huge files have filled the root mount, and they continue to produce the following errors.

bash: cannot create temp file for here-document: No space left on device

I'm sharing the log contents.

Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      45.12.6.88]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      221.165.214.185
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      106.246.244.122
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb691.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      106.246.244.122
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      176.111.173.12]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      video.nowfc.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      haumea.vds.sh]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      45.12.6.88
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mitziejamelymb69.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      176.111.173.12
Oct 28 00:41:45 bio507-3 vino-server[4958]: message repeated 2 times: [ 28/10/2021 00h 41m 45s      176.111.173.12]
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      106.246.244.122
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      mandimichaelibws961.example.com
Oct 28 00:41:45 bio507-3 vino-server[4958]: 28/10/2021 00h 41m 45s      haumea.vds.sh

I doubt that this is related to hacking.

What do experts think?

I know that there is no problem with the system even if I delete these files, but I want to know the cause of the huge log file that continues to be generated even after deletion.

I am using Ubuntu version 18.04.

I don't want these huge log files to be created anymore. If hacking or other problems are the cause, please advise on how to solve them.

Thank you.


You are likely being attacked. Are you behind some kind of firewall?

You better use VNC via SSH tunneling.

Related

  1. https://ubuntuforums.org/showthread.php?t=2362684
  2. https://forums.developer.nvidia.com/t/do-you-know-what-the-following-in-syslog-means/111348
  3. Is my Vino server being attacked?

Related

Cannot delete file, because it doesn't exist -- even if I say "rm *" -- and chmod works
Command last does not show logins through sFTP, is there something similar or any logs?
Can't run shell script by double click in Files (Ubuntu 21.10)
Configure xscreensaver to use another program's screensaver?
Install Ubuntu without a USB flash drive or CD
WD External HDD Input Output Error,
Ubuntu Desktop folders, icons, and files are not visible
What is wrong with this expressions? =CountRows(ReportItems!Textbox58.Value = "Intervene"). I want to count each row which says Intervene
Adding multi addEventListener to specific function
Retrieve String from `.dataTaskPublisher`
Concatenate dataframes for Seaborn hue (adding key)
How To List All Dates Between Two Dates In Excel?