Mi computadora se apagó repentinamente ayer y después de buscar aquí descubrí que debería mirar el archivo /var/log/syslog. Pero no tengo idea de qué buscar, sucedieron muchas cosas en el momento del cierre. Sólo quiero saber si hubo alguna actividad maliciosa por parte de algún actor externo. No puedo publicar el registro completo aquí, pero aquí hay un extracto de las últimas líneas relevantes (aunque es posible que el cierre haya ocurrido justo antes de esto, así que no sé si es relevante. Sin embargo, aunque no estoy familiarizado en absoluto con este registro, algunas de las cosas parecen bastante extrañas). Publicaré el registro completo en algún lugar si alguien puede recomendar un buen método para hacerlo (el registro completo significa que desde 10 segundos antes de lo que publiqué ahora, sucedieron muchas cosas alrededor de las 20:17:10).
Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info> [1520795840.6499] device (wlan0): Activation: successful, device activated.
Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info> [1520795840.6532] manager: startup complete
Mar 11 20:17:20 jonathan-Latitude-E7250 nm-dispatcher: req:2 'up' [wlan0]: new request (1 scripts)
Mar 11 20:17:20 jonathan-Latitude-E7250 nm-dispatcher: req:2 'up' [wlan0]: start running ordered scripts...
Mar 11 20:17:20 jonathan-Latitude-E7250 NetworkManager[788]: <info> [1520795840.8693] dnsmasq[0x99f900]: dnsmasq appeared as :1.85
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: setting upstream servers from DBus
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: using nameserver 213.80.98.2#53(via wlan0)
Mar 11 20:17:20 jonathan-Latitude-E7250 dnsmasq[1980]: using nameserver 213.80.101.3#53(via wlan0)
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Network Manager Wait Online.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Reached target Network is Online.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Daily apt download activities.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Started Daily apt upgrade and clean activities.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Reached target Timers.
Mar 11 20:17:20 jonathan-Latitude-E7250 systemd[1]: Starting /etc/rc.local Compatibility...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started crash report submission daemon.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started /etc/rc.local Compatibility.
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Using lock path: /var/lock/whoopsie/lock
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Starting Hold until boot process finishes up...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Hold until boot process finishes up.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Starting Set console scheme...
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Getty on tty1.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reached target Login Prompts.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Started Set console scheme.
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 whoopsie[2058]: [20:17:21] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/0
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reloading OpenBSD Secure Shell server.
Mar 11 20:17:21 jonathan-Latitude-E7250 systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar 11 20:17:21 jonathan-Latitude-E7250 NetworkManager[788]: <info> [1520795841.7391] manager: WiFi hardware radio set enabled
Mar 11 20:17:21 jonathan-Latitude-E7250 NetworkManager[788]: <info> [1520795841.7394] manager: WWAN hardware radio set enabled
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Started Daemon for generating UUIDs.
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Reloading OpenBSD Secure Shell server.
Mar 11 20:17:22 jonathan-Latitude-E7250 systemd[1]: Reloaded OpenBSD Secure Shell server.
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1294]: Time has been changed
Mar 11 20:16:34 jonathan-Latitude-E7250 ntpdate[2090]: step time server 91.189.89.199 offset -53.780129 sec
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1073]: Time has been changed
Mar 11 20:16:34 jonathan-Latitude-E7250 systemd[1]: Time has been changed
Mar 11 20:16:39 jonathan-Latitude-E7250 kernel: [ 25.807814] dell_wmi: Unknown WMI event type 0x12
Mar 11 20:16:40 jonathan-Latitude-E7250 bluetoothd[754]: Endpoint unregistered: sender=:1.44 path=/MediaEndpoint/A2DPSource
Mar 11 20:16:40 jonathan-Latitude-E7250 bluetoothd[754]: Endpoint unregistered: sender=:1.44 path=/MediaEndpoint/A2DPSink
Mar 11 20:16:44 jonathan-Latitude-E7250 org.gnome.zeitgeist.Engine[1439]: ** (zeitgeist-datahub:2344): WARNING **: zeitgeist-datahub.vala:229: Unable to get name "org.gnome.zeitgeist.datahub" on the bus!
Mar 11 20:16:47 jonathan-Latitude-E7250 systemd-timesyncd[609]: Synchronized to time server 91.189.89.199:123 (ntp.ubuntu.com).
Mar 11 20:17:27 jonathan-Latitude-E7250 gnome-session[1584]: pkexec must be setuid root
Mar 11 20:17:28 jonathan-Latitude-E7250 gnome-session[1584]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Mar 11 20:17:47 jonathan-Latitude-E7250 systemd[1]: powerd.service: Start operation timed out. Terminating.
Mar 11 20:17:47 jonathan-Latitude-E7250 powerd[801]: SIGTERM recieved, cleaning up
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Stopping User Manager for UID 112...
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Default.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped Run Click user-level hooks.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Basic System.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Paths.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Timers.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Stopped target Sockets.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Reached target Shutdown.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Starting Exit the Session...
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1073]: Received SIGRTMIN+24 from PID 2840 (kill).
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Stopped User Manager for UID 112.
Mar 11 20:18:18 jonathan-Latitude-E7250 systemd[1]: Removed slice User Slice of lightdm.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: State 'stop-final-sigterm' timed out. Killing.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Main process exited, code=killed, status=9/KILL
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Failed to start monitor and control system power state.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Unit entered failed state.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: powerd.service: Failed with result 'signal'.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Reached target Multi-User System.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Reached target Graphical Interface.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Started Stop ureadahead data collection 45s after completed startup.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Starting Update UTMP about System Runlevel Changes...
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Started Update UTMP about System Runlevel Changes.
Mar 11 20:19:17 jonathan-Latitude-E7250 systemd[1]: Startup finished in 1.784s (kernel) + 3min 1.701s (userspace) = 3min 3.486s.
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Starting Stop ureadahead data collection...
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Stopped Read required files in advance.
Mar 11 20:20:02 jonathan-Latitude-E7250 systemd[1]: Started Stop ureadahead data collection.
editar: Ubuntu 16.04 LTS, Dell Latitude E7250