[CLUE-Tech] possible breakin attempt
Mike
lister-clue at gantsfort.com
Thu Oct 28 09:34:57 MDT 2004
Can anyone shed light on these messages in /var/log/auth.log:
(all on one line but will line wrap here)
Aug 30 12:46:50 mg2 sshd[10555]: reverse mapping checking getaddrinfo
for ip-202-147-54-103.asianetcom.net failed - POSSIBLE BREAKIN ATTEMPT!
There were 9 such messages on Aug 30th and 107 on Oct 9th.
What are they trying to exploit?
ckrootkit and rkhunter found nothing. What else I should check?
Thanks,
Mike
More information about the clue-tech
mailing list