
Re: intrusion via ssh



On 2005-03-31 12:55:46, Frederic Guillet wrote:
> Hi,
> 
> I just checked my mail log on my server (that runs sarge with postfix)
> and got this kind of line:
> 
> MAR 30 20:01:33 servername sshd[17890] illegal user john from 24.15.134.130
> 
> I have about 500 attempts with different usernames and the same IP so I
> guess it is a robot which is trying to enter my system.

Be happy...
Today I have gotten more than 3000 of these...
18 MByte of "/var/log/sshd.log".

> The problem with such a log is that it does not say if the user has succeeded
> in entering the machine or if the attempt has failed.

If you post only one line, then we cannot know anything...

You should post the whole attempt of "24.15.134.130"

> Thanks in advance for your help.
> 
> -------------------------------
> Frederic Guillet

Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/ 
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSM LinuxMichi
0033/3/88452356    67100 Strasbourg/France   IRC #Debian (irc.icq.com)
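
Added example, not part of the original thread: sshd records the outcome of each authentication on separate "Failed ..." and "Accepted ..." lines, so collecting every sshd line per source IP shows whether any attempt got in. The log lines below are constructed samples using documentation addresses, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample lines in classic OpenSSH syslog format (not from the post).
SAMPLE_LOG = """\
Mar 30 20:01:33 servername sshd[17890]: Illegal user john from 203.0.113.7
Mar 30 20:01:33 servername sshd[17890]: Failed password for illegal user john from 203.0.113.7 port 41822 ssh2
Mar 30 20:01:36 servername sshd[17893]: Illegal user test from 203.0.113.7
Mar 30 20:01:36 servername sshd[17893]: Failed password for illegal user test from 203.0.113.7 port 41830 ssh2
Mar 30 20:02:10 servername sshd[17901]: Failed password for root from 198.51.100.20 port 50110 ssh2
Mar 30 20:02:14 servername sshd[17903]: Accepted password for root from 198.51.100.20 port 50112 ssh2
Mar 30 21:15:02 servername sshd[18010]: Accepted publickey for fred from 192.0.2.10 port 50022 ssh2
"""

# Matches both the older "illegal user" and the newer "invalid user" wording.
FAILED = re.compile(r"sshd\[\d+\]:? Failed \S+ for (?:(?:illegal|invalid) user )?(\S+) from (\S+)")
ACCEPTED = re.compile(r"sshd\[\d+\]:? Accepted (\S+) for (\S+) from (\S+)")

def summarize(log_text):
    """Return {ip: {"failed": n, "users": set, "accepted": [(user, method)]}}."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(), "accepted": []})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            stats[ip]["failed"] += 1
            stats[ip]["users"].add(user)
            continue
        m = ACCEPTED.search(line)
        if m:
            method, user, ip = m.groups()
            stats[ip]["accepted"].append((user, method))
    return dict(stats)

def suspicious_logins(stats):
    """IPs that had failed attempts and also at least one accepted login."""
    return sorted(ip for ip, s in stats.items() if s["failed"] and s["accepted"])

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for ip, s in sorted(result.items()):
        print(ip, "failed:", s["failed"], "users:", sorted(s["users"]), "accepted:", s["accepted"])
    print("review first:", suspicious_logins(result))
```

An address with many failures and no "Accepted" line never authenticated; one that appears in `suspicious_logins` is the case to investigate.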
