[i=s] 本帖最后由 loven86 于 2011-7-12 09:19 编辑 [/i]
偶是个LINUX 新手
请帮我看下 这日志.. 因为看到 2个IP 1个 韩国 1个欧洲 有些可怕..所以来这请教
root (113.10.45.83): 3 Time(s) 韩国
root (151.77.230.236): 3 Time(s) 欧洲 我是不是 被盯上了~~
下面的日志啥意思..[code] ################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Tue Jul 12 02:22:37 2011
Date Range Processed: yesterday
( 2011-Jul-11 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: idc5247
##################################################################
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (113.10.45.83): 3 Time(s)
root (151.77.230.236): 3 Time(s)
---------------------- pam_unix End -------------------------
--------------------- sendmail Begin ------------------------
SENDMAIL CONFIGURATION
----------------------
Aliases database out of date 4 Time(s)
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 6 Time(s)
Failed logins from:
113.10.45.83: 3 times
151.77.230.236: 3 times
**Unmatched Entries**
PAM 6 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.10.45.83 user=root : 3 time(s)
PAM service(sshd) ignoring max retries; 7 > 3 : 6 time(s)
PAM 6 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.77.230.236 user=root : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
141G 5.1G 129G 4% /
/dev/sda1 99M 19M 76M 20% /boot
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################[/code]
n10th 于 2011-07-21 20:56:28发表:
没看懂
breakbrain 于 2011-07-12 19:41:13发表:
sshd 有没有开放root登录?
loven86 于 2011-07-12 09:18:38发表:
谁帮我看下 谢谢拉 那2个IP是怎么回事