On 02/13/2013 08:56 PM, Stroller wrote: > > On 14 February 2013, at 04:13, Daniel Frey wrote: >> ... >> I've poked into this a bit more, and every 60 seconds 5 attempts at >> logon are being madeā¦ This weekend I'll reformat & reinstall. > > Excuse me if this is a dumb question, but does this machine have any ports > open to the internet? > > This thread reminds me of how we sometimes hear of logfiles full of many ssh > attempts made by script kiddies and botnets. > > Stroller. > >
This particular machine doesn't have ssh/xinetd or the like routed from outside the local LAN. I scoured through the logs and the problem started Jan 29th (this is the day my SSD died.) I have set up xinetd to spawn remote desktop sessions to X (again, not from outside the LAN) and I noticed that these errors started right after the first kernel boot from the replacement drive (rust-based, but should make no difference.) The errors started immediately after xinetd started. I am thinking that the data I recovered from that SSD was not so reliable. I think I'm going to oneshot libtool and gcc and do an emerge -e world. I'll then check my xinetd configs. If that doesn't work I'll have to reformat & reinstall (which will be a pain in the ass, this machine is also my mythtv backend!) I went through netstat and checked & doublechecked my router and there's no forwarding of ports related to ssh or the like. I do have on port forwarded for rtorrent but that's it. At this point I'm 99.99% positive it's related to my SSD "crash". Dan