帮忙解读这个日志，我新手看不懂

[lewy7]

小弟的最近服务器经常卡住死掉，每次都必须重启，过两三天又挂掉了，求大虾们帮个忙啊
服务器于12月14日21点整左右因卡死被迫重启，现在贴14日message出来求解

[lewy7]

Dec 14 18:25:55 localhost sshd(pam_unix)[4596]: check pass; user unknown
Dec 14 18:25:55 localhost sshd(pam_unix)[4596]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47
//上述记录出现了100多次
Dec 14 18:25:58 localhost sshd(pam_unix)[4599]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=mailnull
Dec 14 18:26:01 localhost sshd(pam_unix)[4607]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=nfsnobody
Dec 14 18:26:03 localhost sshd(pam_unix)[4633]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=rpcuser
Dec 14 18:26:06 localhost sshd(pam_unix)[4635]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=rpc
Dec 14 18:26:09 localhost sshd(pam_unix)[4637]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=gopher
Dec 14 18:54:12 localhost proftpd[5986]: localhost (121.236.198.101[121.236.198.101]) - FTP session opened.
Dec 14 18:54:12 localhost proftpd[5986]: localhost (121.236.198.101[121.236.198.101]) - ftp: Directory ~ftp/ is not accessible.
Dec 14 18:59:02 localhost proftpd[5986]: localhost (121.236.198.101[121.236.198.101]) - FTP no transfer timeout, disconnected
Dec 14 18:59:02 localhost proftpd[5986]: localhost (121.236.198.101[121.236.198.101]) - FTP session closed.
Dec 14 19:01:02 localhost crond(pam_unix)[6487]: session opened for user root by (uid=0)
Dec 14 19:01:03 localhost crond(pam_unix)[6487]: session closed for user root
Dec 14 19:28:43 localhost kernel: hda: status timeout: status=0xd0 { Busy }
Dec 14 19:28:43 localhost kernel:
Dec 14 19:28:43 localhost kernel: ide: failed opcode was: unknown
Dec 14 19:28:43 localhost kernel: hda: no DRQ after issuing WRITE
Dec 14 19:28:43 localhost kernel: ide0: reset: success
Dec 14 20:01:01 localhost crond(pam_unix)[9504]: session opened for user root by (uid=0)
Dec 14 20:01:01 localhost crond(pam_unix)[9504]: session closed for user root
Dec 14 20:56:09 localhost syslogd 1.4.1: restart.
Dec 14 20:56:09 localhost syslog: syslogd 启动 succeeded
Dec 14 20:56:09 localhost kernel: klogd 1.4.1, log source = /proc/kmsg started.
Dec 14 20:56:09 localhost kernel: Linux version 2.6.9-5.ELsmp (bhcompile@decompose.build.redhat.com) (gcc version 3.4.3 20041212 (Red Hat 3.4.3-9.EL4)) #1 SMP Wed Jan 5 19:30:39 EST 2005
Dec 14 20:56:09 localhost kernel: BIOS-provided physical RAM map:
Dec 14 20:56:09 localhost kernel: BIOS-e820: 0000000000000000 - 000000000009b800 (usable)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 000000000009b800 - 00000000000a0000 (reserved)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 00000000000dc000 - 0000000000100000 (reserved)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 0000000000100000 - 000000007ff10000 (usable)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 000000007ff10000 - 000000007ff21000 (ACPI data)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 000000007ff21000 - 000000007ff80000 (ACPI NVS)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 000000007ff80000 - 0000000080000000 (reserved)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 00000000e0000000 - 00000000f0000000 (reserved)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 00000000fec00000 - 00000000fec10000 (reserved)
Dec 14 20:56:09 localhost syslog: klogd 启动 succeeded
Dec 14 20:56:09 localhost kernel: BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved)
Dec 14 20:56:09 localhost kernel: BIOS-e820: 00000000ff000000 - 0000000100000000 (reserved)
Dec 14 20:56:09 localhost kernel: 1151MB HIGHMEM available.
Dec 14 20:56:09 localhost kernel: 896MB LOWMEM available.
Dec 14 20:56:09 localhost kernel: found SMP MP-table at 000f7160
Dec 14 20:56:09 localhost kernel: NX (Execute Disable) protection: active
Dec 14 20:56:09 localhost kernel: DMI present.
Dec 14 20:56:09 localhost kernel: Using APIC driver default
Dec 14 20:56:10 localhost sshd: succeeded
Dec 14 20:56:10 localhost kernel: ACPI: PM-Timer IO Port: 0x1008
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
Dec 14 20:56:10 localhost kernel: Processor #0 6:15 APIC version 20

[lewy7]

Dec 14 20:56:10 localhost crond: crond 启动 succeeded
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC (acpi_id[0x01] lapic_id[0x01] enabled)
Dec 14 20:56:10 localhost kernel: Processor #1 6:15 APIC version 20
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC (acpi_id[0x02] lapic_id[0x02] enabled)
Dec 14 20:56:10 localhost kernel: Processor #2 6:15 APIC version 20
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled)
Dec 14 20:56:10 localhost kernel: Processor #3 6:15 APIC version 20
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1])
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC_NMI (acpi_id[0x01] high edge lint[0x1])
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC_NMI (acpi_id[0x02] high edge lint[0x1])
Dec 14 20:56:10 localhost kernel: ACPI: LAPIC_NMI (acpi_id[0x03] high edge lint[0x1])
Dec 14 20:56:10 localhost kernel: ACPI: IOAPIC (id[0x04] address[0xfec00000] gsi_base[0])
Dec 14 20:56:10 localhost kernel: IOAPIC[0]: apic_id 4, version 32, address 0xfec00000, GSI 0-23
Dec 14 20:56:10 localhost kernel: ACPI: IOAPIC (id[0x05] address[0xfec80000] gsi_base[24])
Dec 14 20:56:10 localhost kernel: IOAPIC[1]: apic_id 5, version 32, address 0xfec80000, GSI 24-47
Dec 14 20:56:10 localhost kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 high edge)
Dec 14 20:56:10 localhost kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
Dec 14 20:56:11 localhost kernel: Enabling APIC mode: Flat. Using 2 I/O APICs
Dec 14 20:56:11 localhost kernel: Using ACPI (MADT) for SMP configuration information
Dec 14 20:56:11 localhost kernel: Built 1 zonelists
Dec 14 20:56:11 localhost kernel: Kernel command line: ro root=LABEL=/1 rhgb quiet
Dec 14 20:56:11 localhost kernel: Initializing CPU#0
Dec 14 20:56:11 localhost kernel: CPU 0 irqstacks, hard=c03d8000 soft=c03b8000
Dec 14 20:56:11 localhost kernel: PID hash table entries: 4096 (order: 12, 65536 bytes)
Dec 14 20:56:11 localhost kernel: Detected 1596.278 MHz processor.
Dec 15 04:55:41 localhost rc.sysinit: -e
Dec 14 20:56:11 localhost kernel: Using tsc for high-res timesource
Dec 15 04:55:42 localhost start_udev: Starting udev: succeeded
Dec 15 04:55:46 localhost udevsend[1071]: starting udevd daemon
Dec 15 04:55:48 localhost rc.sysinit: -e
Dec 14 20:56:11 localhost kernel: Console: colour VGA+ 80x25
Dec 15 04:55:49 localhost hal.hotplug[1418]: DEVPATH is not set
Dec 14 20:56:11 localhost kernel: Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Dec 15 04:55:49 localhost hal.hotplug[1443]: DEVPATH is not set
Dec 14 20:56:11 localhost kernel: Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
Dec 15 04:55:59 localhost sysctl: net.ipv4.ip_forward = 0
Dec 14 20:56:11 localhost kernel: Memory: 2072928k/2096192k available (1819k kernel code, 22248k reserved, 740k data, 172k init, 1178688k highmem)
Dec 15 04:55:59 localhost sysctl: net.ipv4.conf.default.rp_filter = 1
Dec 15 04:55:59 localhost sysctl: net.ipv4.conf.default.accept_source_route = 0
Dec 14 20:56:11 localhost kernel: Security Scaffold v1.0.0 initialized
Dec 15 04:55:59 localhost sysctl: kernel.sysrq = 0
Dec 14 20:56:11 localhost kernel: SELinux: Initializing.
Dec 15 04:55:59 localhost sysctl: kernel.core_uses_pid = 1
Dec 14 20:56:11 localhost kernel: SELinux: Starting in permissive mode
Dec 15 04:55:59 localhost rc.sysinit: Configuring kernel parameters: succeeded
Dec 14 20:56:11 localhost kernel: There is already a security framework initialized, register_security failed.
Dec 14 20:55:54 localhost date: 日 12月 14 20:55:54 CST 2008
Dec 14 20:56:11 localhost kernel: selinux_register_security: Registering secondary module capability
Dec 14 20:55:54 localhost rc.sysinit: Setting clock (localtime): 日 12月 14 20:55:54 CST 2008 succeeded
Dec 14 20:56:11 localhost kernel: Capability LSM initialized as secondary
Dec 14 20:55:54 localhost rc.sysinit: Loading default keymap succeeded
Dec 14 20:56:11 localhost kernel: Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
Dec 14 20:55:54 localhost rc.sysinit: Setting hostname localhost: succeeded
Dec 14 20:56:00 localhost rc.sysinit: Checking root filesystem succeeded
Dec 14 20:56:00 localhost rc.sysinit: Remounting root filesystem in read-write mode: succeeded
Dec 14 20:56:11 localhost kernel: monitor/mwait feature present.
Dec 14 20:56:01 localhost lvm.static: No volume groups found
Dec 14 20:56:11 localhost kernel: using mwait in idle threads.
Dec 14 20:56:01 localhost rc.sysinit: Setting up Logical Volume Management: succeeded
Dec 14 20:56:11 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K
Dec 14 20:56:01 localhost rc.sysinit: Checking filesystems succeeded
Dec 14 20:56:11 localhost kernel: CPU: Physical Processor ID: 0
Dec 14 20:56:01 localhost rc.sysinit: Mounting local filesystems: succeeded
Dec 14 20:56:01 localhost rc.sysinit: Enabling local filesystem quotas: succeeded
Dec 14 20:56:12 localhost kernel: Intel machine check architecture supported.
Dec 14 20:56:05 localhost rc.sysinit: Enabling swap space: succeeded
Dec 14 20:56:12 localhost kernel: Intel machine check reporting enabled on CPU#0.
Dec 14 20:56:05 localhost init: Entering runlevel: 5
Dec 14 20:56:12 localhost kernel: Enabling fast FPU save and restore... done.
Dec 14 20:56:06 localhost iptables: succeeded
Dec 14 20:56:12 localhost kernel: Enabling unmasked SIMD FPU exception support... done.
Dec 14 20:56:06 localhost iptables: succeeded
Dec 14 20:56:12 localhost kernel: Checking 'hlt' instruction... OK.
Dec 14 20:56:06 localhost iptables: succeeded
Dec 14 20:56:12 localhost kernel: CPU0: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz stepping 0b
Dec 14 20:56:06 localhost iptables: succeeded
Dec 14 20:56:12 localhost kernel: per-CPU timeslice cutoff: 182.78 usecs.
Dec 14 20:56:06 localhost sysctl: net.ipv4.ip_forward = 0
Dec 14 20:56:12 localhost kernel: task migration cache decay timeout: 1 msecs.
Dec 14 20:56:06 localhost sysctl: net.ipv4.conf.default.rp_filter = 1
Dec 14 20:56:12 localhost kernel: Booting processor 1/1 eip 3000
Dec 14 20:56:06 localhost sysctl: net.ipv4.conf.default.accept_source_route = 0
Dec 14 20:56:12 localhost kernel: CPU 1 irqstacks, hard=c03d9000 soft=c03b9000
Dec 14 20:56:06 localhost sysctl: kernel.sysrq = 0
Dec 14 20:56:12 localhost kernel: Initializing CPU#1
Dec 14 20:56:06 localhost sysctl: kernel.core_uses_pid = 1
Dec 14 20:56:06 localhost network: 设置网络参数： succeeded
Dec 14 20:56:06 localhost network: 弹出环回接口： succeeded
Dec 14 20:56:08 localhost ifup: /etc/host.conf: line 2: expected service, found `multi off nospoof on'
Dec 14 20:56:12 localhost kernel: monitor/mwait feature present.
Dec 14 20:56:08 localhost network: 弹出界面 eth0： succeeded
Dec 14 20:56:12 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K
Dec 14 20:56:12 localhost kernel: CPU: Physical Processor ID: 0
Dec 14 20:56:12 localhost kernel: Intel machine check architecture supported.
Dec 14 20:56:12 localhost kernel: Intel machine check reporting enabled on CPU#1.
Dec 14 20:56:12 localhost kernel: CPU1: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz stepping 0b
Dec 14 20:56:12 localhost kernel: Booting processor 2/2 eip 3000
Dec 14 20:56:12 localhost kernel: CPU 2 irqstacks, hard=c03da000 soft=c03ba000
Dec 14 20:56:12 localhost kernel: Initializing CPU#2
Dec 14 20:56:12 localhost kernel: monitor/mwait feature present.
Dec 14 20:56:12 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K
Dec 14 20:56:12 localhost kernel: CPU: Physical Processor ID: 0
Dec 14 20:56:12 localhost kernel: Intel machine check architecture supported.
Dec 14 20:56:12 localhost kernel: Intel machine check reporting enabled on CPU#2.
Dec 14 20:56:12 localhost kernel: CPU2: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz stepping 0b
Dec 14 20:56:12 localhost kernel: Booting processor 3/3 eip 3000
Dec 14 20:56:12 localhost kernel: CPU 3 irqstacks, hard=c03db000 soft=c03bb000
Dec 14 20:56:12 localhost kernel: Initializing CPU#3
Dec 14 20:56:12 localhost kernel: monitor/mwait feature present.
Dec 14 20:56:12 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K
Dec 14 20:56:12 localhost kernel: CPU: Physical Processor ID: 0
Dec 14 20:56:12 localhost kernel: Intel machine check architecture supported.
Dec 14 20:56:12 localhost kernel: Intel machine check reporting enabled on CPU#3.
Dec 14 20:56:12 localhost kernel: CPU3: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz stepping 0b
Dec 14 20:56:12 localhost kernel: Total of 4 processors activated (12705.79 BogoMIPS).
Dec 14 20:56:12 localhost kernel: ENABLING IO-APIC IRQs
Dec 14 20:56:12 localhost kernel: ..TIMER: vector=0x31 pin1=2 pin2=-1
Dec 14 20:56:12 localhost kernel: checking TSC synchronization across 4 CPUs: passed.
Dec 14 20:56:12 localhost kernel: Brought up 4 CPUs

[lewy7]

Dec 14 20:56:12 localhost kernel: zapping low mappings.
Dec 14 20:56:12 localhost kernel: checking if image is initramfs... it is
Dec 14 20:56:12 localhost kernel: Freeing initrd memory: 382k freed
Dec 14 20:56:12 localhost kernel: NET: Registered protocol family 16
Dec 14 20:56:12 localhost kernel: PCI: PCI BIOS revision 2.10 entry at 0xfd785, last bus=24
Dec 14 20:56:12 localhost kernel: PCI: Using MMCONFIG
Dec 14 20:56:12 localhost kernel: mtrr: v2.0 (20020519)
Dec 14 20:56:12 localhost kernel: ACPI: Subsystem revision 20040816
Dec 14 20:56:12 localhost kernel: ACPI: Interpreter enabled
Dec 14 20:56:12 localhost kernel: ACPI: Using IOAPIC for interrupt routing
Dec 14 20:56:12 localhost kernel: ACPI: PCI Root Bridge [PCI0] (00:00)
Dec 14 20:56:12 localhost kernel: PCI: Probing PCI hardware (bus 00)
Dec 14 20:56:12 localhost kernel: PCI: Ignoring BAR0-3 of IDE controller 0000:00:1f.2
Dec 14 20:56:12 localhost kernel: PCI: Transparent bridge - 0000:00:1e.0
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKA] (IRQs 3 4 5 6 7 10 *11 14 15)
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKB] (IRQs 3 4 5 6 *7 10 11 14 15)
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKC] (IRQs 3 4 5 6 7 10 11 14 15) *0, disabled.
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKD] (IRQs 3 4 5 6 7 *10 11 14 15)
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKE] (IRQs 3 4 5 6 7 10 11 14 15) *0, disabled.
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKF] (IRQs 4 5 6 7 10 11 14 15) *0, disabled.
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKG] (IRQs 3 4 5 6 7 10 11 14 15) *0, disabled.
Dec 14 20:56:12 localhost kernel: ACPI: PCI Interrupt Link [LNKH] (IRQs 4 *5 6 7 10 11 14 15)
Dec 14 20:56:12 localhost kernel: Linux Plug and Play Support v0.97 (c) Adam Belay
Dec 14 20:56:12 localhost kernel: usbcore: registered new driver usbfs
Dec 14 20:56:12 localhost kernel: usbcore: registered new driver hub
Dec 14 20:56:12 localhost kernel: PCI: Using ACPI for IRQ routing
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:00.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:02.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:03.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:04.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:05.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:06.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:07.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:1d.0[A] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:12 localhost kernel: ACPI: PCI interrupt 0000:00:1d.1 -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.2[C] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.7[A] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1f.2 -> GSI 19 (level, low) -> IRQ 185
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1f.3 -> GSI 19 (level, low) -> IRQ 185
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:01:00.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:02:00.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:16:00.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:17:00.0[A] -> GSI 17 (level, low) -> IRQ 193
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:18:02.0[A] -> GSI 17 (level, low) -> IRQ 193
Dec 14 20:56:13 localhost kernel: Simple Boot Flag at 0x39 set to 0x1
Dec 14 20:56:13 localhost kernel: apm: BIOS version 1.2 Flags 0x03 (Driver version 1.16ac)
Dec 14 20:56:13 localhost kernel: apm: disabled - APM is not SMP safe.
Dec 14 20:56:13 localhost kernel: audit: initializing netlink socket (disabled)
Dec 14 20:56:13 localhost kernel: audit(1229288117.805:0): initialized
Dec 14 20:56:13 localhost kernel: highmem bounce pool size: 64 pages
Dec 14 20:56:13 localhost kernel: Total HugeTLB memory allocated, 0
Dec 14 20:56:13 localhost kernel: VFS: Disk quotas dquot_6.5.1
Dec 14 20:56:13 localhost kernel: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
Dec 14 20:56:13 localhost kernel: SELinux: Registering netfilter hooks
Dec 14 20:56:13 localhost kernel: Initializing Cryptographic API
Dec 14 20:56:13 localhost kernel: ksign: Installing public key data
Dec 14 20:56:13 localhost kernel: Loading keyring
Dec 14 20:56:13 localhost kernel: - Added public key E07BC3E85BE30CFD
Dec 14 20:56:13 localhost kernel: - User ID: Red Hat, Inc. (Kernel Module GPG key)
Dec 14 20:56:13 localhost kernel: pci_hotplug: PCI Hot Plug PCI Core version: 0.5
Dec 14 20:56:13 localhost kernel: vesafb: probe of vesafb0 failed with error -6
Dec 14 20:56:13 localhost kernel: ACPI: Processor [CPU0] (supports C1, 8 throttling states)
Dec 14 20:56:13 localhost kernel: ACPI: Processor [CPU1] (supports C1, 8 throttling states)
Dec 14 20:56:13 localhost kernel: ACPI: Processor [CPU2] (supports C1, 8 throttling states)
Dec 14 20:56:13 localhost kernel: ACPI: Processor [CPU3] (supports C1, 8 throttling states)
Dec 14 20:56:13 localhost kernel: Real Time Clock Driver v1.12
Dec 14 20:56:13 localhost kernel: Linux agpgart interface v0.100 (c) Dave Jones
Dec 14 20:56:13 localhost kernel: serio: i8042 AUX port at 0x60,0x64 irq 12
Dec 14 20:56:13 localhost kernel: serio: i8042 KBD port at 0x60,0x64 irq 1
Dec 14 20:56:13 localhost kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 8 ports, IRQ sharing enabled
Dec 14 20:56:13 localhost kernel: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
Dec 14 20:56:13 localhost kernel: RAMDISK driver initialized: 16 RAM disks of 16384K size 1024 blocksize
Dec 14 20:56:13 localhost kernel: Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
Dec 14 20:56:13 localhost kernel: ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
Dec 14 20:56:13 localhost kernel: hda: FB160C4081, ATA DISK drive
Dec 14 20:56:13 localhost kernel: Using cfq io scheduler
Dec 14 20:56:13 localhost kernel: ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
Dec 14 20:56:13 localhost kernel: hda: max request size: 1024KiB
Dec 14 20:56:13 localhost kernel: hda: 312581808 sectors (160041 MB) w/8192KiB Cache, CHS=19457/255/63
Dec 14 20:56:13 localhost kernel: hda: hda1 hda2 hda3
Dec 14 20:56:13 localhost kernel: ide-floppy driver 0.99.newide
Dec 14 20:56:13 localhost kernel: usbcore: registered new driver hiddev
Dec 14 20:56:13 localhost kernel: usbcore: registered new driver usbhid
Dec 14 20:56:13 localhost kernel: drivers/usb/input/hid-core.c: v2.0:USB HID core driver
Dec 14 20:56:13 localhost kernel: mice: PS/2 mouse device common for all mice
Dec 14 20:56:13 localhost kernel: md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
Dec 14 20:56:13 localhost kernel: NET: Registered protocol family 2
Dec 14 20:56:13 localhost kernel: IP: routing cache hash table of 8192 buckets, 128Kbytes
Dec 14 20:56:13 localhost kernel: TCP: Hash tables configured (established 262144 bind 43690)
Dec 14 20:56:13 localhost kernel: Initializing IPsec netlink socket
Dec 14 20:56:13 localhost kernel: NET: Registered protocol family 1
Dec 14 20:56:13 localhost kernel: NET: Registered protocol family 17
Dec 14 20:56:13 localhost kernel: ACPI: (supports S0 S4 S5)
Dec 14 20:56:13 localhost kernel: ACPI wakeup devices:
Dec 14 20:56:13 localhost kernel: BPD0 BMF3 P0P4 P0P6 PEX0 PEX1 PEX2 PEX3 USB1 USB2 USB3 EUSB PCIB
Dec 14 20:56:13 localhost kernel: Freeing unused kernel memory: 172k freed
Dec 14 20:56:13 localhost kernel: EXT3-fs: INFO: recovery required on readonly filesystem.
Dec 14 20:56:13 localhost kernel: EXT3-fs: write access will be enabled during recovery.
Dec 14 20:56:13 localhost kernel: hda: status timeout: status=0xd0 { Busy }
Dec 14 20:56:13 localhost kernel:
Dec 14 20:56:13 localhost kernel: ide: failed opcode was: unknown
Dec 14 20:56:13 localhost kernel: hda: no DRQ after issuing WRITE
Dec 14 20:56:13 localhost kernel: ide0: reset: success
Dec 14 20:56:13 localhost kernel: kjournald starting. Commit interval 5 seconds
Dec 14 20:56:13 localhost kernel: EXT3-fs: hda3: orphan cleanup on readonly fs
Dec 14 20:56:13 localhost kernel: EXT3-fs: hda3: 5 orphan inodes deleted
Dec 14 20:56:13 localhost kernel: EXT3-fs: recovery complete.
Dec 14 20:56:13 localhost kernel: EXT3-fs: mounted filesystem with ordered data mode.
Dec 14 20:56:13 localhost kernel: SELinux: Disabled at runtime.
Dec 14 20:56:13 localhost kernel: SELinux: Unregistering netfilter hooks
Dec 14 20:56:13 localhost kernel: inserting floppy driver for 2.6.9-5.ELsmp
Dec 14 20:56:13 localhost kernel: floppy0: no floppy controllers found
Dec 14 20:56:13 localhost kernel: tg3.c:v3.10 (September 14, 2004)
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:16:00.0[A] -> GSI 16 (level, low) -> IRQ 169
Dec 14 20:56:13 localhost kernel: eth0: Tigon3 [partno(BCM95721) rev 4101 PHY(5750)] (PCIX:100MHz:32-bit) 10/100/1000BaseT Ethernet 00:1e:0b:5a:84:e7
Dec 14 20:56:13 localhost kernel: eth0: RXcsums[1] LinkChgREG[0] MIirq[0] ASF[1] Split[0] WireSpeed[1] TSOcap[1]
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:17:00.0[A] -> GSI 17 (level, low) -> IRQ 193
Dec 14 20:56:13 localhost kernel: eth1: Tigon3 [partno(BCM95721) rev 4101 PHY(5750)] (PCIX:100MHz:32-bit) 10/100/1000BaseT Ethernet 00:1e:0b:5a:84:e8
Dec 14 20:56:13 localhost kernel: eth1: RXcsums[1] LinkChgREG[0] MIirq[0] ASF[0] Split[0] WireSpeed[1] TSOcap[1]
Dec 14 20:56:13 localhost kernel: hw_random: RNG not detected
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.7[A] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: ehci_hcd 0000:00:1d.7: EHCI Host Controller
Dec 14 20:56:13 localhost kernel: ehci_hcd 0000:00:1d.7: irq 177, pci mem f8842000
Dec 14 20:56:13 localhost kernel: ehci_hcd 0000:00:1d.7: new USB bus registered, assigned bus number 1
Dec 14 20:56:13 localhost kernel: ehci_hcd 0000:00:1d.7: USB 2.0 enabled, EHCI 1.00, driver 2004-May-10
Dec 14 20:56:13 localhost kernel: hub 1-0:1.0: USB hub found
Dec 14 20:56:13 localhost kernel: hub 1-0:1.0: 6 ports detected
Dec 14 20:56:13 localhost kernel: USB Universal Host Controller Interface driver v2.2
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.0[A] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.0: UHCI Host Controller
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.0: irq 177, io base 00001800
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 2
Dec 14 20:56:13 localhost kernel: hub 2-0:1.0: USB hub found
Dec 14 20:56:13 localhost kernel: hub 2-0:1.0: 2 ports detected
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.1 -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.1: UHCI Host Controller
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.1: irq 177, io base 00001820
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 3
Dec 14 20:56:13 localhost kernel: hub 3-0:1.0: USB hub found
Dec 14 20:56:13 localhost kernel: hub 3-0:1.0: 2 ports detected
Dec 14 20:56:13 localhost kernel: ACPI: PCI interrupt 0000:00:1d.2[C] -> GSI 23 (level, low) -> IRQ 177
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.2: UHCI Host Controller
Dec 14 20:56:13 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.2: irq 177, io base 00001840
Dec 14 20:56:13 localhost kernel: uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 4
Dec 14 20:56:13 localhost kernel: hub 4-0:1.0: USB hub found
Dec 14 20:56:13 localhost kernel: hub 4-0:1.0: 2 ports detected
Dec 14 20:56:13 localhost kernel: md: Autodetecting RAID arrays.
Dec 14 20:56:13 localhost kernel: md: autorun ...
Dec 14 20:56:13 localhost kernel: md: ... autorun DONE.
Dec 14 20:56:13 localhost kernel: usb 4-1: new full speed USB device using address 2
Dec 14 20:56:13 localhost kernel: input: USB HID v1.11 Keyboard [ServerEngines SE USB Device] on usb-0000:00:1d.2-1
Dec 14 20:56:13 localhost kernel: input: USB HID v1.11 Mouse [ServerEngines SE USB Device] on usb-0000:00:1d.2-1
Dec 14 20:56:13 localhost kernel: tg3: eth0: Link is up at 100 Mbps, full duplex.
Dec 14 20:56:13 localhost kernel: tg3: eth0: Flow control is off for TX and off for RX.
Dec 14 20:56:13 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team
Dec 14 20:56:13 localhost kernel: NET: Registered protocol family 10
Dec 14 20:56:13 localhost kernel: Disabled Privacy Extensions on device c0332e60(lo)
Dec 14 20:56:13 localhost kernel: IPv6 over IPv4 tunneling driver
Dec 14 20:56:13 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team
Dec 14 20:56:13 localhost kernel: drivers/usb/input/hid-input.c: event field not found
Dec 14 20:56:13 localhost kernel: ACPI: Power Button (FF) [PWRF]
Dec 14 20:56:13 localhost kernel: EXT3 FS on hda3, internal journal
Dec 14 20:56:13 localhost kernel: device-mapper: 4.1.0-ioctl (2003-12-10) initialised: dm@uk.sistina.com
Dec 14 20:56:13 localhost kernel: kjournald starting. Commit interval 5 seconds
Dec 14 20:56:13 localhost kernel: EXT3 FS on hda1, internal journal
Dec 14 20:56:13 localhost kernel: EXT3-fs: mounted filesystem with ordered data mode.
Dec 14 20:56:13 localhost kernel: Adding 4096564k swap on /dev/hda2. Priority:-1 extents:1
Dec 14 20:56:13 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team
Dec 14 20:56:13 localhost kernel: ip_conntrack version 2.1 (8192 buckets, 65536 max) - 340 bytes per conntrack
Dec 14 20:56:18 localhost gdm[2673]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:28 localhost gdm[2769]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:38 localhost gdm[2913]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:38 localhost gdm[2248]: deal_with_x_crashes：正在运行 XKeepsCrashing 脚本
Dec 14 20:56:39 localhost sshd(pam_unix)[3167]: session opened for user root by root(uid=0)
Dec 14 20:57:37 localhost sshd(pam_unix)[3201]: session opened for user root by root(uid=0)
Dec 14 20:57:50 localhost proftpd[3234]: localhost - ProFTPD 1.3.1 (stable) (built 一 8月 11 15:36:21 CST 2008) standalone mode STARTUP
Dec 14 20:59:07 localhost sshd(pam_unix)[3238]: session opened for user root by root(uid=0)
Dec 14 21:00:02 localhost proftpd[3273]: localhost (125.73.126.75[125.73.126.75]) - FTP session opened.
Dec 14 21:01:01 localhost crond(pam_unix)[3724]: session opened for user root by (uid=0)
Dec 14 21:01:01 localhost crond(pam_unix)[3724]: session closed for user root
Dec 14 21:01:02 localhost lsb_log_message: failed

[想入非非]

好长没有重点。。。不知道怎么着手

[lewy7]

这十分钟内就这么多记录了，我是看不懂，所以才劳烦大虾了
Dec 14 20:56:13 localhost kernel: ip_conntrack version 2.1 (8192 buckets, 65536 max) - 340 bytes per conntrack
Dec 14 20:56:18 localhost gdm[2673]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:28 localhost gdm[2769]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:38 localhost gdm[2913]: gdm_slave_xioerror_handler：致命的 X 错误 - 正在重新启动 :0
Dec 14 20:56:38 localhost gdm[2248]: deal_with_x_crashes：正在运行 XKeepsCrashing 脚本

[lewy7]

顶啊，不要沉啊~~~没有达人来吗？

[xhy]

服务器你还敢开gdm ?

[bones7456]

Dec 14 18:25:55 localhost sshd(pam_unix)[4596]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47
//上述记录出现了100多次
Dec 14 18:25:58 localhost sshd(pam_unix)[4599]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=mailnull
Dec 14 18:26:01 localhost sshd(pam_unix)[4607]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=nfsnobody
Dec 14 18:26:03 localhost sshd(pam_unix)[4633]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=rpcuser
Dec 14 18:26:06 localhost sshd(pam_unix)[4635]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.170.79.47 user=rpc

有人在攻击你,搞个 denyhosts ,不过这个应该不是主要原因.