I just got a new server running RHEL4. I have it all patched up via up2date as of twodays ago and I just got my first site moved over and I am literaly working on the site when it seems to die and no longger works.
After looking around a bit I notice that apache is not serving up the default configuration page any longer even if I go to IP. I can still connect via SSH and webmin but I can not get httpd to start.
When I looked in /var/mail I found a bunch (thousands?) of enties like these below and the look like some kind of bruteforce attack?
************Small Sample**********
Quote:
input_userauth_request: invalid user mortimer
Failed password for invalid user mortimer from ::ffff:217.117.21.148 port 48787 ssh2
Failed password for invalid user mortimer from ::ffff:217.117.21.148 port 48787 ssh2
Invalid user mortimer from ::ffff:217.117.21.148
input_userauth_request: invalid user mortimer
Failed password for invalid user mortimer from ::ffff:217.117.21.148 port 48942 ssh2
Failed password for invalid user mortimer from ::ffff:217.117.21.148 port 48942 ssh2
Invalid user lloyd from ::ffff:217.117.21.148
input_userauth_request: invalid user lloyd
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49091 ssh2
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49091 ssh2
Invalid user lloyd from ::ffff:217.117.21.148
input_userauth_request: invalid user lloyd
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49241 ssh2
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49241 ssh2
Invalid user lloyd from ::ffff:217.117.21.148
input_userauth_request: invalid user lloyd
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49398 ssh2
Failed password for invalid user lloyd from ::ffff:217.117.21.148 port 49398 ssh2
Invalid user guinness from ::ffff:217.117.21.148
input_userauth_request: invalid user guinness
Failed password for invalid user guinness from ::ffff:217.117.21.148 port 49550 ssh2
Failed password for invalid user guinness from ::ffff:217.117.21.148 port 49550 ssh2
Invalid user guinness from ::ffff:217.117.21.148
input_userauth_request: invalid user guinness
Failed password for invalid user guinness from ::ffff:217.117.21.148 port 49726 ssh2
Failed password for invalid user guinness from ::ffff:217.117.21.148 port 49726 ssh2
Invalid user guinness from ::ffff:217.117.21.148
|
I have it setup to run some small websites but I am pretty new with linux and just reading mail was pretty good for me. I"m not even sure where to start.
Any help would be wonderful!!!