Interpreting Logs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Can someone help me interpret these logs, I think someone is trying to hack
in.  Aside from closing my telnet port.
What else should I do if I really need my telnet server running.

Dec 16 20:39:53 delllinux sshd[1073]: Received signal 15; terminating.
Dec 16 20:42:20 delllinux sshd[1073]: Server listening on 0.0.0.0 port 22.
Dec 16 20:48:40 delllinux sshd[1073]: Received signal 15; terminating.
Dec 16 20:53:52 delllinux sshd[1073]: Server listening on 0.0.0.0 port 22.
Dec 16 20:56:29 delllinux login: FAILED LOGIN 1 FROM (null) FOR root,
Authentication failure
Dec 16 20:56:36 delllinux login: FAILED LOGIN 2 FROM (null) FOR root,
Authentication failure
Dec 16 21:06:15 delllinux xinetd[1106]: START: telnet pid=1567
from=192.168.1.2
Dec 17 09:03:53 delllinux sshd[1073]: Received signal 15; terminating.
Dec 17 09:05:49 delllinux sshd[543]: Server listening on 0.0.0.0 port 22.


This is the second kind of attempt.  Even if I have hosts.deny to ALL:ALL
someone(203.239.191.250) can still get in?
Unlike 218.69.12.67 which connection didn't even get through.

Dec 31 19:31:32 delllinux xinetd[840]: START: telnet pid=18317
from=203.239.191.250
Dec 31 19:31:32 delllinux xinetd[18317]: FAIL: telnet libwrap
from=203.239.191.250
Dec 31 23:45:35 delllinux sshd[19476]: refused connect from 218.69.12.67
(218.69.12.67)



-- 
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list

[Index of Archives]     [Fedora General Discussion]     [Red Hat General Discussion]     [Centos]     [Kernel]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux