[Gllug] Non-existent user in /var/log/secure
Alain Williams
addw at phcomp.co.uk
Wed Jun 24 15:20:49 UTC 2009
On Wed, Jun 24, 2009 at 02:48:10PM +0100, gvimrc wrote:
> Peter Corlett wrote:
> > On Wed, Jun 24, 2009 at 02:14:06PM +0100, gvimrc wrote:
> >
> > That looks awfully like you're being ssh scanned by a worm. Apart from the
> > light bandwidth drain and filling your logs, it's harmless provided you have
> > strong passwords on all of your accounts.
> >
>
> SSH is running on a non-standard port on this machine. Dovecot offers POP3 but I've firewalled it to limit access from a handful of IPs.
pop3 or pop3s ?
Ought to be the latter... especially if the same passwords are used as those to login.
--
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
Past chairman of UKUUG: http://www.ukuug.org/
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list