Hello rlug, am bagat ip/mac in /etc/ether, am rulat arp -f am instalat si arpwatch(care functioneaza...)
192.168.1.5 00:50:11:32:1E:C8 si acum vad ca s-a conectat cineva: /var/log/secure Dec 1 11:16:57 home sshd[13012]: Accepted password for root from 169.254.235.91 port 1055 /var/log/messages Dec 1 11:14:36 home arpwatch: bogon 169.254.235.91 00:50:11:32:1E:C8 Dec 1 11:15:41 home last message repeated 3 times Dec 1 11:16:50 home sshd(pam_unix)[13012]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=169.254.235.91 user=root Dec 1 11:16:57 home sshd(pam_unix)[13012]: session opened for user root by (uid=0) Dec 1 11:17:22 home sshd(pam_unix)[13012]: session closed for user root si arpwatch nu a zis nimic!!! cum este posibil? serverul e un fedora core 1 cu update-urile la zi, toate porturile inchise in afara de 22(sshd) si a intrat tipu asta mi-e frica ca nu cumva fedora sa aiba o gaura de securitate :( -- Best regards, andy.rlug mailto:[EMAIL PROTECTED] --- Detalii despre listele noastre de mail: http://www.lug.ro/
