Questions concerning Security Log
Dotan Cohen
dotancohen at gmail.com
Thu Apr 7 06:14:33 UTC 2005
As I'm still new to linux I like to open things and see what they are
/ do. So I opened the KDE System Logs program, clicked on over to
Security logs, and found a bunch of these:
Apr 4 02:15:03 localhost sshd[26567]: Failed password for invalid
user test from ::ffff:219.238.239.10 port 3429 ssh2
and these:
Apr 5 04:47:24 localhost sshd[7287]: reverse mapping checking
getaddrinfo for h169-210-68-8.adcast.com.tw failed - POSSIBLE BREAKIN
ATTEMPT!
and many more like it. Is this something to worry about? Chkrootkit
didn't find anything suspicious, so that makes me feel a little
better, but as I am unable to start firestarter I am a little nervous.
By the way, what is the difference between chkrootkit and chkrootkitX?
They both run in the terminal (I thought that chkrootkitX would open
up in a gui or something).
Is it unsafe to put a copy of the log on my site and post a link to it
here? it spans about 1500 lines, so I do not want to email it to the
list.
Thanks all! You guys have always been so helpful!
Dotan Cohen
http://EnglishLirics.com/
http://Song-Liriks.com/
More information about the users
mailing list