Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Apa la sticla din sticla

Întrebuințare telefoane vechi...

Dacia Lodgy sau Dacia Docker ?

Valeriu Nicolae
 Exista vreun dezavantaj la constr...

Problema martori semnalizare dire...

Umplere gol tamplarie-glaf

Produse inapoiate cu zgarieturi
 Recomandare laptop cu specificati...

Pareri? Este fiabil?Aer condition...

1 zi/noapte Gura Portitei

Samsung Galaxy S23 Plus
 Recomandare TV Samsung QLED

Cat ar trebui sa ma coste o incar...

UBB camin

Boxe active pentru terasa
 

Sunt sub atac?

- - - - -
Last Updated: Mar 20 2012 21:11, Started by dreamseeker11us , Mar 13 2012 04:05  
  ·  
  • Please log in to reply
5 replies to this topic

#1
dreamseeker11us
Posted 13 March 2012 - 04:05

dreamseeker11us

    Member

  • Grup: Members
  • Posts: 682
  • Înscris: 18.11.2009
Salve !

scuzati ma ca iar dau buzna...dar am vazut in vi var log secure, acele listen on port 22 - cineva incearca ceva cumva ?
uitati un citat din vi var log secure al meu!

multumesc in avans pt raspunsuri!



Mar 11 21:28:34 localhost sshd[4411]: Received signal 15; terminating.
Mar 11 21:29:57 localhost sshd[3118]: Server listening on 0.0.0.0 port 22.
Mar 11 21:36:46 localhost sshd[3118]: Received signal 15; terminating.
Mar 11 21:38:06 localhost sshd[3159]: Server listening on 0.0.0.0 port 22.
Mar 11 21:38:19 localhost gdm[3284]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 11 21:48:55 localhost gdm[3284]: pam_unix(gdm:session): session closed for user root
Mar 11 21:48:56 localhost sshd[3159]: Received signal 15; terminating.
Mar 11 21:50:16 localhost sshd[3170]: Server listening on 0.0.0.0 port 22.
Mar 11 21:50:27 localhost gdm[3294]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 11 21:54:27 localhost groupadd[3514]: new group: name=fuse, GID=103
Mar 11 22:08:19 localhost gdm[3294]: pam_unix(gdm:session): session closed for user root
Mar 11 22:08:21 localhost sshd[3170]: Received signal 15; terminating.
Mar 11 22:09:42 localhost sshd[3188]: Server listening on 0.0.0.0 port 22.
Mar 11 22:09:54 localhost gdm[3313]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 11 22:24:00 localhost gdm[3313]: pam_unix(gdm:session): session closed for user root
Mar 11 22:24:02 localhost sshd[3188]: Received signal 15; terminating.
Mar 11 22:25:19 localhost sshd[3189]: Server listening on 0.0.0.0 port 22.
Mar 11 22:25:32 localhost gdm[3327]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 11 23:19:04 localhost sshd[3189]: Received signal 15; terminating.
Mar 11 23:19:07 localhost sshd[3964]: Server listening on 0.0.0.0 port 22.
Mar 11 23:19:19 localhost groupadd[3992]: new group: name=mock, GID=104
Mar 11 23:34:51 localhost gdm[3327]: pam_unix(gdm:session): session closed for user root
Mar 11 23:34:53 localhost sshd[3964]: Received signal 15; terminating.
Mar 12 02:54:42 localhost sshd[3190]: Server listening on 0.0.0.0 port 22.
Mar 12 02:54:57 localhost gdm[3328]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 12 04:45:02 localhost gdm[3328]: pam_unix(gdm:session): session closed for user root
Mar 12 04:45:04 localhost sshd[3190]: Received signal 15; terminating.
Mar 12 10:33:12 localhost sshd[3188]: Server listening on 0.0.0.0 port 22.
Mar 12 10:33:27 localhost gdm[3327]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 12 10:40:15 localhost gdm[3327]: pam_unix(gdm:session): session closed for user root
Mar 12 10:40:17 localhost sshd[3188]: Received signal 15; terminating.
Mar 12 19:40:39 localhost sshd[3191]: Server listening on 0.0.0.0 port 22.
Mar 12 19:40:52 localhost gdm[3329]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 13 02:41:49 localhost su: pam_unix(su:session): session opened for user cosmin by root(uid=0)
Mar 13 02:42:09 localhost su: pam_unix(su:session): session opened for user root by root(uid=500)
Mar 13 02:43:05 localhost useradd[6851]: new group: name=apache, GID=48
Mar 13 02:43:05 localhost useradd[6851]: new user: name=apache, UID=48, GID=48, home=/var/www, shell=/sbin/nologin
Mar 13 02:44:49 localhost useradd[6932]: new group: name=mysql, GID=27
Mar 13 02:44:49 localhost useradd[6932]: new user: name=mysql, UID=27, GID=27, home=/var/lib/mysql, shell=/bin/bash
Mar 13 02:45:13 localhost su: pam_unix(su:session): session opened for user ales by root(uid=0)
Mar 13 02:48:06 localhost su: pam_unix(su:session): session opened for user root by root(uid=500)

#2
JJackFLASH
Posted 13 March 2012 - 08:39

JJackFLASH

    Senior Member

  • Grup: Senior Members
  • Posts: 3,049
  • Înscris: 18.06.2010
Mar 11 21:38:06 localhost sshd[3159]: Server listening on 0.0.0.0 port 22.
Mar 11 21:38:19 localhost gdm[3284]: pam_unix(gdm:session): session opened for user root by (uid=0)
Mar 11 21:48:55 localhost gdm[3284]: pam_unix(gdm:session): session closed for user root

Schimba parola pentru ROOT ( daca nu-i tarziu deja ), cu alta  dificil de ghicit si usor de memorat.
Cineva ti-a accesat sistemul prin SSH ( port 22 )

Edited by JJackFLASH, 13 March 2012 - 08:43.

#3
entio
Posted 13 March 2012 - 15:57

entio

    Member

  • Grup: Members
  • Posts: 271
  • Înscris: 11.05.2007
Parca o masura de securitate era sa nu se permita autentificarea ca root prin SSH. Bine ca eu nu am server, atatea batai de cap...

#4
dreamseeker11us
Posted 13 March 2012 - 21:04

dreamseeker11us

    Member

  • Grup: Members
  • Posts: 682
  • Înscris: 18.11.2009
am dezactivat de tot login ul prin SSH ca root ....de fapt, am dezactivat ssh de tot :P

ms

#5
JJackFLASH
Posted 13 March 2012 - 23:51

JJackFLASH

    Senior Member

  • Grup: Senior Members
  • Posts: 3,049
  • Înscris: 18.06.2010

View Postdreamseeker11us, on 13th March 2012, 21:04, said:

am dezactivat de tot login ul prin SSH ca root ....de fapt, am dezactivat ssh de tot :P

ms
Mar 13 02:43:05 localhost useradd[6851]: new group: name=apache, GID=48
Mar 13 02:43:05 localhost useradd[6851]: new user: name=apache, UID=48, GID=48, home=/var/www, shell=/sbin/nologin
Mar 13 02:44:49 localhost useradd[6932]: new group: name=mysql, GID=27
Mar 13 02:44:49 localhost useradd[6932]: new user: name=mysql, UID=27, GID=27, home=/var/lib/mysql, shell=/bin/bash

Mai trebuie sa dezactivezi si utilizatorii apache , mysql pe care intrusul cela i-a creat.

#6
Huza
Posted 20 March 2012 - 21:11

Huza

    Senior Member

  • Grup: Senior Members
  • Posts: 2,417
  • Înscris: 07.11.2006
Sfaturi:
- instalat fail2ban
- setat alt port pt ssh, preferabil nu 2222 sau ceva asemanator, alegeti ceva random.

Anunturi

Chirurgia cranio-cerebrală minim invazivă Chirurgia cranio-cerebrală minim invazivă

Tehnicile minim invazive impun utilizarea unei tehnologii ultramoderne.

Endoscoapele operatorii de diverse tipuri, microscopul operator dedicat, neuronavigația, neuroelectrofiziologia, tehnicile avansate de anestezie, chirurgia cu pacientul treaz reprezintă armamentarium fără de care neurochirurgia prin "gaura cheii" nu ar fi posibilă. Folosind tehnicile de mai sus, tratăm un spectru larg de patologii cranio-cerebrale.

www.neurohope.ro
Back to Desktop users: distribuții bazate pe RPM

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Forumul Softpedia
  2. Soft Related / OS
  3. Linux / UNIX / Open Source
  4. Desktop users: distribuții bazate pe RPM
Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate