If that is all there is in the Xinetd (and FTPd?) logs you'll need to make it / them log verbose. If this is not a "free for all" site you may want to review and tighten access to services through a combination of xinetd configuration file directive, hosts.{allow,deny} and firewall. Iptables can also help you just log things if you don't want to or can not block, and an IDS like Snort can help pinpoint people trying to gain access over the 'net using sploits.
|