Can someone help me interpret these logs, I think someone is trying to hack in. Aside from closing my telnet port. What else should I do if I really need my telnet server running. Dec 16 20:39:53 delllinux sshd[1073]: Received signal 15; terminating. Dec 16 20:42:20 delllinux sshd[1073]: Server listening on 0.0.0.0 port 22. Dec 16 20:48:40 delllinux sshd[1073]: Received signal 15; terminating. Dec 16 20:53:52 delllinux sshd[1073]: Server listening on 0.0.0.0 port 22. Dec 16 20:56:29 delllinux login: FAILED LOGIN 1 FROM (null) FOR root, Authentication failure Dec 16 20:56:36 delllinux login: FAILED LOGIN 2 FROM (null) FOR root, Authentication failure Dec 16 21:06:15 delllinux xinetd[1106]: START: telnet pid=1567 from=192.168.1.2 Dec 17 09:03:53 delllinux sshd[1073]: Received signal 15; terminating. Dec 17 09:05:49 delllinux sshd[543]: Server listening on 0.0.0.0 port 22. This is the second kind of attempt. Even if I have hosts.deny to ALL:ALL someone(203.239.191.250) can still get in? Unlike 218.69.12.67 which connection didn't even get through. Dec 31 19:31:32 delllinux xinetd[840]: START: telnet pid=18317 from=203.239.191.250 Dec 31 19:31:32 delllinux xinetd[18317]: FAIL: telnet libwrap from=203.239.191.250 Dec 31 23:45:35 delllinux sshd[19476]: refused connect from 218.69.12.67 (218.69.12.67) -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
