Useless log message "POSSIBLE BREAK-IN ATTEMPT"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



 

We cannot conclude that just because the source IP address of a
connection doesn't have forward and reverse DNS info, that the
connection is a break-in attempt. This is a content-free entry that
wastes valuable visual space in the auth log: 

Dec 23 2013 18:51:44 localhost sshd[30321]: reverse mapping checking
getaddrinfo for 222.109.250.63.static.addr.dsl4u.ca [63.250.109.222]
failed - POSSIBLE BREAK-IN ATTEMPT! 

That was me, logging in from a smartphone, from a Wi-Fi hotspot. 

Never mind logging; the software should not even be performing these
pointless time and bandwidth wasting lookups. 

 


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux