I have just setup a debian ftp server for our family to share photos and I'm trying to make it as secure as possible. While looking at the auth.log file there are some lines that concern me.
Feb 9 06:25:01 server CRON: (pam_unix) session opened for user root by (uid=0)
Feb 9 06:25:02 server su: Successful su for nobody by root
Feb 9 06:25:02 server su: + ??? root:nobody
No one was using this computer at the time of these logs. Is this something I should be worried about or is this just something a service is doing?
Thanks for any info you can give.