The computer shut down randomly yesterday. Is there any malicious activity in the syslog?

My computer suddenly switched off yesterday, and after searching here I found out that I should look at /var/log/syslog. But I have no idea what to look for; a lot of things were happening around the time of the shutdown. I just want to know whether there was any malicious activity by an external actor. I can't post the entire log here, but here is an excerpt of the last relevant lines (although the shutdown may have happened shortly before, so I don't know whether it is relevant. Although I am not at all familiar with this log, some things in it look pretty strange). I will post the entire log somewhere if someone can recommend a good way to do so (the entire log means from 10 seconds before what I have posted now; a lot of things were happening at 20:17:10).

Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info>  [1520795840.6499] device (wlan0): Activation: successful, device activated.
Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info>  [1520795840.6532] manager: startup complete
Mar 11 20:17:20 jonathan-Latitude-E7250 nm-dispatcher: req:2 'up' [wlan0]: new request (1 scripts)
Mar 11 20:17:20 jonathan-Latitude-E7250 nm-dispatcher: req:2 'up' [wlan0]: start running ordered scripts...
Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info>  [1520795840.8693] dnsmasq[0x99f900]: dnsmasq appeared as :1.85
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: setting upstream servers from DBus
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: using nameserver 213.80.98.2#53(via wlan0)
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: using nameserver 213.80.101.3#53(via wlan0)
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Network Manager Wait Online.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Reached target Network is Online.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Daily apt download activities.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Daily apt upgrade and clean activities.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Reached target Timers.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Starting /etc/rc.local Compatibility...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started crash report submission daemon.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started /etc/rc.local Compatibility.
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Using lock path: /var/lock/whoopsie/lock
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Starting Hold until boot process finishes up...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Hold until boot process finishes up.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Starting Set console scheme...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Getty on tty1.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reached target Login Prompts.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Set console scheme.
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reloading OpenBSD Secure Shell server.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar 11 20:17:21 jonathan-Latitude-E7250 NetworkManager[788]: <info>  [1520795841.7391] manager: WiFi hardware radio set enabled
Mar 11 20:17:21 jonathan-Latitude-E7250 NetworkManager[788]: <info>  [1520795841.7394] manager: WWAN hardware radio set enabled
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Started Daemon for generating UUIDs.
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Reloading OpenBSD Secure Shell server.
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1294]: Time has been changed
Mar 11 20:16:34 jonathan-Latitude-E7250 ntpdate[2090]: step time server 91.189.89.199 offset -53.780129 sec
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1073]: Time has been changed
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1]: Time has been changed
Mar 11 20:16:39 jonathan-Latitude-E7250 kernel: [   25.807814] dell_wmi: Unknown WMI event type 0x12
Mar 11 20:16:40 jonathan-Latitude-E7250 bluetoothd[754]: Endpoint unregistered: sender=:1.44 path=/MediaEndpoint/A2DPSource
Mar 11 20:16:40 jonathan-Latitude-E7250 bluetoothd[754]: Endpoint unregistered: sender=:1.44 path=/MediaEndpoint/A2DPSink
Mar 11 20:16:44 jonathan-Latitude-E7250 org.gnome.zeitgeist.Engine[1439]: ** (zeitgeist-datahub:2344): WARNING **: zeitgeist-datahub.vala:229: Unable to get name "org.gnome.zeitgeist.datahub" on the bus!
Mar 11 20:16:47 jonathan-Latitude-E7250 systemd-timesyncd[609]: Synchronized to time server 91.189.89.199:123 (ntp.ubuntu.com).
Mar 11 20:17:27 jonathan-Latitude-E7250 gnome-session[1584]: pkexec must be setuid root
Mar 11 20:17:28 jonathan-Latitude-E7250 gnome-session[1584]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Mar 11 20:17:47 jonathan-Latitude-E7250 systemd[1]: powerd.service: Start operation timed out. Terminating.
Mar 11 20:17:47 jonathan-Latitude-E7250 powerd[801]: SIGTERM recieved, cleaning up
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Stopping User Manager for UID 112...
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Default.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped Run Click user-level hooks.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Basic System.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Paths.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Timers.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Sockets.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Reached target Shutdown.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Starting Exit the Session...
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Received SIGRTMIN+24 from PID 2840 (kill).
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Stopped User Manager for UID 112.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Removed slice User Slice of lightdm.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: State 'stop-final-sigterm' timed out. Killing.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Main process exited, code=killed, status=9/KILL
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Failed to start monitor and control system power state.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Unit entered failed state.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Failed with result 'signal'.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Reached target Multi-User System.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Reached target Graphical Interface.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Started Stop ureadahead data collection 45s after completed startup.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Starting Update UTMP about System Runlevel Changes...
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Started Update UTMP about System Runlevel Changes.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Startup finished in 1.784s (kernel) + 3min 1.701s (userspace) = 3min 3.486s.
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Starting Stop ureadahead data collection...
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Stopped Read required files in advance.
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Started Stop ureadahead data collection.

Edit: Ubuntu 16.04 LTS, Dell Latitude E7250
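
As an added example, not part of the original post: a Python triage pass over syslog lines like those in the excerpt, tagging backwards timestamp jumps, NTP clock steps, systemd unit failures and boot completion so that out-of-order timestamps can be matched against a logged time step. The year, the regular expressions and the finding labels are assumptions made for this example.

```python
import re
from datetime import datetime

# Lines taken from the excerpt in the post above (subset, original order).
SAMPLE = """\
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1294]: Time has been changed
Mar 11 20:16:34 jonathan-Latitude-E7250 ntpdate[2090]: step time server 91.189.89.199 offset -53.780129 sec
Mar 11 20:16:47 jonathan-Latitude-E7250 systemd-timesyncd[609]: Synchronized to time server 91.189.89.199:123 (ntp.ubuntu.com).
Mar 11 20:17:47 jonathan-Latitude-E7250 systemd[1]: powerd.service: Start operation timed out. Terminating.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Failed to start monitor and control system power state.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Startup finished in 1.784s (kernel) + 3min 1.701s (userspace) = 3min 3.486s.
"""

LINE = re.compile(r"^(?P<ts>\w{3} +\d+ [\d:]{8}) \S+ (?P<prog>[^\[:]+)(?:\[\d+\])?: (?P<msg>.*)$")
STEP = re.compile(r"step time server \S+ offset (-?\d+\.\d+) sec")
FAIL = re.compile(r"Failed to start|timed out|entered failed state")

def parse(text, year=2018):
    """Return (timestamp, program, message) tuples; syslog omits the year, so it is assumed."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["prog"], m["msg"]))
    return events

def triage(events):
    """Tag clock regressions, NTP steps, unit failures and boot completion."""
    findings, prev = [], None
    for ts, prog, msg in events:
        if prev is not None and ts < prev:
            back = int((prev - ts).total_seconds())
            findings.append(("clock_regression", ts, f"timestamps go back {back}s"))
        step = STEP.search(msg)
        if step:
            findings.append(("clock_step", ts, f"{prog} stepped the clock {float(step[1]):+.1f}s"))
        if FAIL.search(msg):
            findings.append(("unit_failure", ts, msg))
        if msg.startswith("Startup finished"):
            findings.append(("boot_complete", ts, msg))
        prev = ts
    return findings

if __name__ == "__main__":
    for kind, ts, detail in triage(parse(SAMPLE)):
        print(f"{ts:%H:%M:%S}  {kind:<16}  {detail}")
```

On these lines the backwards jump in the timestamps sits directly beside the ntpdate step entry, and the `Startup finished` line marks the excerpt as boot-time output.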
