I just got a mail from my system ,when I opened this I find something unusual that worried me,so can any one help me regarding this..
showing some part of the message..
today
Code:
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (211.75.183.115): 7 Time(s)
unknown (59.49.14.12): 2 Time(s)
root (office.meijob.com): 1 Time(s)
Invalid Users:
Unknown Account: 2 Time(s)
and yesterday
Code:
--------------------- SSHD Begin ------------------------
Failed logins from:
211.75.183.115 (211-75-183-115.HINET-IP.hinet.net): 7 times
211.99.138.146 (office.meijob.com): 1 time
Illegal users from:
59.49.14.12: 2 times
Received disconnect:
11: Bye Bye : 7 Time(s)
**Unmatched Entries**
reverse mapping checking getaddrinfo for 211-75-183-115.hinet-ip.hinet.net failed - POSSIBLE BREAK-IN ATTEMPT! : 7 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user sales : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user staff : 1 time(s)
---------------------- SSHD End -------------------------
And how will I stop thing like these ,how to handle thos Illiegal users,Invalid accounts,Unknown accounts.. etc...