Hi all. This is a mixed networking/security question. Early yesterday
morning I got up and noticed that my linux box, which has a permanent
cable connection, was quite busy. I hadn't left anything running, but
figured it was just my website being accessed. A little later, I checked
my /var/log/messages, and found these lines:
Nov 16 03:30:02 cr24327-9 telnetd[902]: ttloop: peer died: Invalid or
incomplete multibyte or wide character
Nov 16 03:30:02 cr24327-9 ftpd[901]: FTP session closed
There are no matching telnet or ftp session open entries, so I suspect a
break-in or attempted break-in.
Can anyone shed some light on this?
ta
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
