MORE SSH Hacking: heads-up
Steven Stern
subscribed-lists at sterndata.com
Wed Aug 4 14:37:11 UTC 2004
On Wed, 4 Aug 2004 10:25:05 -0400, jeem machine <jmachine at gmail.com> wrote:
>On Wed, 04 Aug 2004 08:25:36 -0500, Steven Stern
><subscribed-lists at sterndata.com> wrote:
>> On Tue, 03 Aug 2004 21:40:18 -0700, Ow Mun Heng <Ow.Mun.Heng at wdc.com> wrote:
>>
>> My logs from last night:
>>
>> Failed logins from these:
>> guest/password from ::ffff:143.107.235.116: 1 Time(s)
>> guest/password from ::ffff:211.105.46.30: 1 Time(s)
>> test/password from ::ffff:143.107.235.116: 1 Time(s)
>> test/password from ::ffff:211.105.46.30: 1 Time(s)
>>
>> Illegal users from these:
>> guest/none from ::ffff:143.107.235.116: 1 Time(s)
>> guest/none from ::ffff:211.105.46.30: 1 Time(s)
>> guest/password from ::ffff:143.107.235.116: 1 Time(s)
>> guest/password from ::ffff:211.105.46.30: 1 Time(s)
>> test/none from ::ffff:143.107.235.116: 1 Time(s)
>> test/none from ::ffff:211.105.46.30: 1 Time(s)
>> test/password from ::ffff:143.107.235.116: 1 Time(s)
>> test/password from ::ffff:211.105.46.30: 1 Time(s)
>>
>
>>
>Which logs are you looking at. I would like to check my system
The snipped above comes from the nightly logwatch run, mailed to root.
Logwatch searches through /var/log/secure*
--
Steve
More information about the fedora-list
mailing list