[svlug] opinion about this in my log...

Gordon Vrololjak gvrdolja at nature.Berkeley.EDU
Wed Oct 17 09:21:01 PDT 2001


Hello,
I ran into this in my log a couple days after shutting off telnet and
using ssh now.  I've not seen it before, but dumped the IP into
/etc/hosts.deny.  Should I contact the domain administrator as well?

Security Violations
=-=-=-=-=-=-=-=-=-=
Oct 17 07:35:17 wilfred sshd[21211]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:29 wilfred sshd[21212]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Oct 17 07:35:17 wilfred sshd[21211]: log: Connection from 64.23.0.100 port 3382
Oct 17 07:35:17 wilfred sshd[21211]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:17 wilfred sshd[21211]: fatal: Did not receive ident string.
Oct 17 07:35:29 wilfred sshd[21212]: log: Connection from 64.23.0.100 port 2433
Oct 17 07:35:29 wilfred sshd[21212]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:29 wilfred sshd[21212]: fatal: Did not receive ident string.
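
The report above lists the same sshd events under two headings, so counting by eye overstates them. The following is an added example, not part of the original post: it groups the quoted lines by sshd PID and totals, per source address, the connections, the failed reverse-mapping checks and the closes without an ident string. The names `sessions` and `summarize` are hypothetical, and it assumes no PID is reused within the input.

```python
import re
from collections import defaultdict

# Sample input: the sshd lines quoted in the post, both report sections included.
SAMPLE = """\
Oct 17 07:35:17 wilfred sshd[21211]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:29 wilfred sshd[21212]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:17 wilfred sshd[21211]: log: Connection from 64.23.0.100 port 3382
Oct 17 07:35:17 wilfred sshd[21211]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:17 wilfred sshd[21211]: fatal: Did not receive ident string.
Oct 17 07:35:29 wilfred sshd[21212]: log: Connection from 64.23.0.100 port 2433
Oct 17 07:35:29 wilfred sshd[21212]: log: reverse mapping checking gethostbyname for linux.skynetweb.com failed - POSSIBLE BREAKIN ATTEMPT!
Oct 17 07:35:29 wilfred sshd[21212]: fatal: Did not receive ident string.
"""

# Syslog prefix, then the sshd PID and the message text.
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ sshd\[(?P<pid>\d+)\]: (?P<msg>.*)$", re.M)
CONN = re.compile(r"Connection from (?P<ip>\S+) port \d+")
RMAP = re.compile(r"reverse mapping checking \w+ for (?P<name>\S+) failed")
NOIDENT = "Did not receive ident string"

def sessions(text):
    """One record per sshd PID; a line repeated across report sections counts once."""
    out = {}
    for m in LINE.finditer(text):
        s = out.setdefault(m["pid"], {"ip": None, "name": None,
                                      "rmap_failed": False, "no_ident": False})
        if c := CONN.search(m["msg"]):
            s["ip"] = c["ip"]
        elif r := RMAP.search(m["msg"]):
            s["name"], s["rmap_failed"] = r["name"], True
        elif NOIDENT in m["msg"]:
            s["no_ident"] = True
    return out

def summarize(text):
    """Per source IP: connection count, reverse-mapping failures, no-ident closes."""
    summary = defaultdict(lambda: {"connections": 0, "rmap_failed": 0,
                                   "no_ident": 0, "names": set()})
    for s in sessions(text).values():
        if s["ip"] is None:        # no "Connection from" line seen for this PID
            continue
        row = summary[s["ip"]]
        row["connections"] += 1
        row["rmap_failed"] += s["rmap_failed"]
        row["no_ident"] += s["no_ident"]
        if s["name"]:
            row["names"].add(s["name"])
    return dict(summary)

if __name__ == "__main__":
    print(summarize(SAMPLE))
```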




