Successful SSH Attack - Need help cleaning up
Matthew Walker
rorith at kydance.net
Tue Oct 31 11:09:09 MST 2006
On Tue, October 31, 2006 11:03 am, Brian Hawkins wrote:
> Good thread by the way. It made me aware of the ongoing attacks against
> my own ssh server.
>
> It was mentioned several times about /var/log/secure. It seemed
> significant that ssh was not logging to secure but to messages. On my
> machine (Suse 9) I do not have a /var/log/secure file. Please enlighten
> me as to this files significants and how it pertains to being hacked?
>
> Thanks
> Brian
>
That's not necessarily a bad sign. Some systems don't have the logs split
out like that by default.
--
Matthew Walker
Kydance Hosting & Consulting
LAMP Specialist
More information about the PLUG
mailing list