On Wed, July 5, 2006 16:38, amjgoleafs@xxxxxxxxxxxx wrote: > How about just trying to disable the ping enquiries which precede these > snooper attacks: > > echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all > > echo 0 to reverse the command Interesting. Where is this located? > -----Original Message----- > From: Scott Taylor <scott@xxxxxxxxxxxxxxx> > To: linux-admin@xxxxxxxxxxxxxxx > Sent: Wed, 5 Jul 2006 08:02:59 -0700 (PDT) > Subject: Re: Could not get shadow information for NOUSER > > > Oh, and yes there is a NOUSER user in the system. > > On Wed, July 5, 2006 07:53, Scott Taylor wrote: >> >> >> Hello all, >> >> I have a CentOS 4.2 server that gives me these error messages in my >> /var/log/secure file, I realise that these are SSH attacks, but where >> does the extra line "Could not get shadow information for NOUSER" come >> from? This doesn't make any sense. I have many servers running CentOS >> 4.2, but don't get this error message on any others. I hate junk in my >> logs. >> Is there any way to get rid of it? >> >> Invalid user guest from ::ffff:210.210.4.60 >> error: Could not get shadow information for NOUSER >> Failed password for invalid user guest from ::ffff:210.210.4.60 port > 55073 >> ssh2 >> >> Cheers. -- Scott - : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
