Hi, You should enable kernel dump logs. auth log is worst place for searching the cause of crashing.
2016-02-18 23:13 GMT+02:00 Chris <chris2...@postbox.xyz>: > Dear All, > > after the following entry > > Feb 18 17:48:05 jupiter sshd[30204]: pam_unix(sshd:auth): authentication > failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.88.177.93 > user=root > > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^ > > my Jessie Server was down. > > Has anyone seen this? Went it accidentally down? Is this already an libc > exploit? > > - Chris > > -- Best regards, Roman.