Am 2005-03-31 12:55:46, schrieb Frederic Guillet: > Hi, > > i just checked my mail log on my server (that runs sarge with postfix) > and got this kind of lines: > > MAR 30 20:01:33 servername sshd[17890] illegal user john from 24.15.134.130 > > I have about 500 attemps with different usernames and the same IP so i > guess it is a robot which is trying to enter my system. Be happy... Today I have gotten more then 3000 of this... 18 MByte of "/var/log/sshd.log". > the pb with such log is that it does not say if the user has succeeded > to enter the machine or if the attempt has failed. If you post only one line, then we can not know anything... You should post the whole attempt of "24.15.134.130" > Thank in advance for your help. > > ------------------------------- > Frederic Guillet Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature