[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:35147] Re: syslogとauthlogが違うアクセス

From: yutaka <y-taka21@xxxxxxxxxxxxxxx>
Subject: [debian-users:35147] Re: syslogとauthlogが違うアクセス
Date: Thu, 31 Oct 2002 15:18:51 +0900
List-help: <mailto:debian-users-ctl@debian.or.jp?body=help>
List-id: debian-users.debian.or.jp
List-owner: <mailto:debian-users-admin@debian.or.jp>
List-post: <mailto:debian-users@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-users-ctl@debian.or.jp?body=unsubscribe>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
X-ml-name: debian-users
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-sender: sato-yutaka <yutaka@xxxxxxxxxxxxxx>
X-spam-level:
X-spam-status: No, hits=-3.0 required=10.0 tests=IN_REP_TO,ISO2022JP_CHARSET,FROM_NAME_NO_SPACES, FROM_ENDS_IN_NUMS,ISO2022JP_BODY,CASHCASHCASH,WEIRD_PORT version=2.31
References: <20021031150737.61a203f8.y-taka21@xxxxxxxxxxxxxxx> <20021031061001.EC6405380C@xxxxxxxxxxxxxxxxxxxxxx>
Message-id: <20021031152405.7b0c0443.y-taka21@xxxxxxxxxxxxxxx>
X-mail-count: 35147
X-mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-debian-linux-gnu)

武藤様有難う御座いました
この手の輩には触らない方が無難ですよね

> > ちょっと気になるlogが有りましたので御意見を頂きたいと思い投稿しました
> > 
> > /var/log/syslogに以下のようなアクセスが有り
> > Oct 31 08:01:20 hoge proftpd[15276]: connect from 61.136.151.3
> > Oct 31 08:01:20 hoge proftpd[15276]: No certificate files found! 
> > Oct 31 08:01:20 hoge proftpd[15276]: ky-s.net (61.136.151.3[61.136.151.3]) - FTP session opened. 
> > Oct 31 08:01:20 hoge proftpd[15276]: ky-s.net (61.136.151.3[61.136.151.3]) - FTP session closed. 
> > 
> > /var/log/auth.logにアクセスの記録が有りません
> > Oct 31 07:40:02 hoge PAM_unix[15269]: (cron) session closed for user root
> > Oct 31 08:40:01 hoge PAM_unix[15285]: (cron) session opened for user root by (uid=0)
> 
> 1. ftpの最初のコネクションを張る
> 2. 認証フェーズ(ログイン名)になったらコネクションを切る
> 
> をやってみるとわかります。
> 
> まぁ単なるポートスキャンでは。

                                         ------------------------------------
                                                   きくやの若旦那??    
                     　                   E-mail 　y-taka21@xxxxxxxxxxxxxxx
                                          Web http://www7.ocn.ne.jp/~kikuya3
                                         ------------------------------------

References:
- [debian-users:35145] syslogとauthlogが違うアクセス
  - From: yutaka
- [debian-users:35146] Re: syslogとauthlogが違うアクセス
  - From: Kenshi Muto

Prev by Date: [debian-users:35146] Re: syslogとauthlogが違うアクセス
Next by Date: [debian-users:35148] Re: Telnet 接続が遅い(woody)
Previous by thread: [debian-users:35146] Re: syslogとauthlogが違うアクセス
Next by thread: [debian-users:35150] [Translate] [SECURITY] [DSA 184-1] New krb4 packages fix buffer overflow
Index(es):
- Date
- Thread