[Logwatch] sshd - unmatched entries - logwatch 7.3.6

Michał Panasiewicz wolvverine at tarchomin.pl
Wed Nov 14 20:11:51 MST 2007


 **Unmatched Entries**
 reverse mapping checking getaddrinfo for
customer2-26-37.iplannetworks.net [190.2.26.37] failed - POSSIBLE
BREAK-IN ATTEMPT! : 6 time(s)


# cat /var/log/sshd | grep reverse
...
Nov 14 12:52:50 serwer sshd[30743]: reverse mapping checking getaddrinfo
for customer2-26-37.iplannetworks.net [190.2.26.37] failed - POSSIBLE
BREAK-IN ATTEMPT!
Nov 14 12:52:52 serwer sshd[30755]: reverse mapping checking getaddrinfo
for customer2-26-37.iplannetworks.net [190.2.26.37] failed - POSSIBLE
BREAK-IN ATTEMPT!


**********************************************************************

 **Unmatched Entries**
 syslogin_perform_logout: logout() returned an error : 2 time(s)
 Received request to connect to host 192.168.0.53 port 3389, but the
request was denied. : 7 time(s)


# cat /var/log/sshd | grep syslogin_perform
Nov  6 15:30:04 serwer sshd[10783]: syslogin_perform_logout: logout()
returned an error
Nov  7 13:29:53 serwer sshd[14070]: syslogin_perform_logout: logout()
returned an error


# cat /var/log/sshd | grep request         
Nov 12 11:22:55 serwer sshd[3718]: Received request to connect to host
192.168.0.53 port 3389, but the request was denied.
Nov 12 11:23:35 serwer sshd[3718]: Received request to connect to host
192.168.0.53 port 3389, but the request was denied.

************************************************************************

 **Unmatched Entries**
 Address 220.213.184.197 maps to hnews.yoozma.jp, but this does not map
back to the address - POSSIBLE BREAK-IN ATTEMPT! : 6 time(s)


# cat /var/log/sshd | grep maps   
Nov 10 20:29:23 serwer sshd[18875]: Address 220.213.184.197 maps to
hnews.yoozma.jp, but this does not map back to the address - POSSIBLE
BREAK-IN ATTEMPT!
Nov 10 20:29:26 serwer sshd[18883]: Address 220.213.184.197 maps to
hnews.yoozma.jp, but this does not map back to the address - POSSIBLE
BREAK-IN ATTEMPT!


**************************************************************************
**Unmatched Entries**
 error: channel 0: chan_read_failed for istate 3 : 6 time(s)

# cat /var/log/sshd | grep channel
Nov  5 13:37:57 serwer sshd[2908]: error: channel 0: chan_read_failed
for istate 3
Nov  5 13:37:57 serwer sshd[2908]: error: channel 0: chan_read_failed
for istate 3


-- 
Michał Panasiewicz - PLD Linux Distribution Developer http://www.pld-linux.org
e-mail: wolvverine[at]tlen[dot]pl  wolvverine[at]pld-linux[dot]org
jabber: wolvverine[at]chrome[dot]pl
Linux user nr. #425323
 



More information about the Logwatch mailing list