Who? Me?? Attacked???

[Junk]

On 23 Apr 2013, at 17:10, Beartooth <beartooth at comcast.net> wrote:

> On Mon, 22 Apr 2013 16:40:19 +0800, Ed Greshko wrote:
>    [....]
>> The only thing worse than a poorly asked question is a cryptic answer.
> 
>    OK, first off, I'm the OP. 
> 
>    I suppose I should be flattered at being addressed as if I were 
> an Alpha Plus Technoid; but I'm not one. I'm just an old twice-retired 
> bookworm, running Fedora because there's more and better help online for 
> it than for anything else I've tried (most of the well-known distros), 
> and because I began back in '98 with RedHat. I can't imagine anything I 
> have being of interest to an intruder.
> 

Your right. They probably aren't interested in what you have. They might be interested in taking over your machine as part of a botnet though. A large amount of attacks are now automated against wide ranges of devices

>    All the replies in this thread so far have been way over my head. 
> The one thing I gather some of you want is the error message from SEL, 
> verbatim. I don't have it; I presume it's in some log somewhere, but I 
> have no idea how to find that log.
> 

Try
sealert -a /var/log/audit/audit.log

Or

grep setroubleshoot /var/log/messages

There will have been a full report in the graphical tool that initially warned you but these should give the same result. 

Junk