logwatch messages

Tue, 12 Feb 2008 18:49:39 -0800

I just now noticed that root has mail. And it goes back several months, even back to before I switched to DSL when I was still on dialup.
Apparently, even way back then, there were attempts to log into my system. There are a multitude of attempts via SSHD (sshd has recently been shut off when I saw network activity when there should have been none): 
sshd:
   Authentication Failures:
      unknown (webservices.trest.com): 324 Time(s)
      root (webservices.trest.com): 34 Time(s)
      apache (webservices.trest.com): 10 Time(s)
      adm (webservices.trest.com): 9 Time(s)
      ftp (webservices.trest.com): 9 Time(s)
      mail (webservices.trest.com): 7 Time(s)
   Invalid Users:
      Unknown Account: 324 Time(s)

and a couple of days later:
sshd:
   Authentication Failures:
      unknown (218.244.130.46): 92 Time(s)
      root (218.244.130.46): 15 Time(s)
      root (89-149-202-225.internetserviceteam.com): 6 Time(s)
      adm (218.244.130.46): 1 Time(s)
      apache (218.244.130.46): 1 Time(s)
      bin (218.244.130.46): 1 Time(s)
      daemon (218.244.130.46): 1 Time(s)
      ftp (218.244.130.46): 1 Time(s)
      games (218.244.130.46): 1 Time(s)
      lp (218.244.130.46): 1 Time(s)
      mail (218.244.130.46): 1 Time(s)
      news (218.244.130.46): 1 Time(s)
      nobody (218.244.130.46): 1 Time(s)
      operator (218.244.130.46): 1 Time(s)
      rpm (218.244.130.46): 1 Time(s)
      sshd (218.244.130.46): 1 Time(s)
   Invalid Users:
      Unknown Account: 92 Time(s)
I'm guessing that someone at 218.244.130.46 was trying to log in as root (15 times), adm, apache, bin, daemon, ftp, games, lp, mail, news, nobody, operator, rpm, sshd, and 92 unknown users?
I'm wanting to delete old mail. But I want to at least understand it before I delete it.
I doubt that I've been owned, but how would I check? With all the yum updates I've done, I doubt my system files will match up with the installation CDs. 



--
Ralph

--------------------
Fairy tales do not tell children that dragons exist. Children already know that dragons exist. Fairy tales tell children that dragons can be killed. 
--G. K. Chesterton

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-newbie

Reply via email to