Logcheckmeldung

Rund um die Sicherheit des Systems und die Applikationen
schuehler
Posts: 21
Joined: 2004-10-20 21:47
 

Logcheckmeldung

Post by schuehler »

Hallo,

ich habe mal eine Frag zu den Logcheckmeldungen.

Seit einigen Tagen ist zu erkennen das sich Leute versuchen am Server anzumelden. Bisher zum Glück ohne Ergolg.

Jetzt kam eine Meldung die ich nicht zuordnen kann:

Code: Select all

Security Events
=-=-=-=-=-=-=-=
Oct 19 22:43:26 zauberberg sshd[17964]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:27 zauberberg sshd[17966]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:28 zauberberg sshd[17968]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:30 zauberberg sshd[17972]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:30 zauberberg sshd[17970]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:31 zauberberg sshd[17974]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:32 zauberberg sshd[17976]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:33 zauberberg sshd[17978]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:35 zauberberg sshd[17980]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:38 zauberberg sshd[17982]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:40 zauberberg sshd[17984]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:41 zauberberg sshd[17986]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:42 zauberberg sshd[17988]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:48 zauberberg sshd[17990]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:49 zauberberg sshd[17992]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:50 zauberberg sshd[17994]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:54 zauberberg sshd[17996]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:55 zauberberg sshd[17998]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:56 zauberberg sshd[18000]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:57 zauberberg sshd[18002]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:43:59 zauberberg sshd[18004]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:00 zauberberg sshd[18006]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:01 zauberberg sshd[18008]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:02 zauberberg sshd[18010]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:03 zauberberg sshd[18012]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:04 zauberberg sshd[18014]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:08 zauberberg sshd[18016]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:09 zauberberg sshd[18018]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:09 zauberberg sshd[18020]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:10 zauberberg sshd[18022]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:11 zauberberg sshd[18024]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:13 zauberberg sshd[18026]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:15 zauberberg sshd[18028]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:16 zauberberg sshd[18030]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:21 zauberberg sshd[18032]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:22 zauberberg sshd[18034]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:23 zauberberg sshd[18036]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:25 zauberberg sshd[18038]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:28 zauberberg sshd[18040]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:29 zauberberg sshd[18042]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:30 zauberberg sshd[18044]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:31 zauberberg sshd[18046]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:33 zauberberg sshd[18048]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:33 zauberberg sshd[18050]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:34 zauberberg sshd[18052]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:35 zauberberg sshd[18054]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:36 zauberberg sshd[18056]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:37 zauberberg sshd[18058]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:40 zauberberg sshd[18060]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:40 zauberberg sshd[18062]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:42 zauberberg sshd[18064]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:43 zauberberg sshd[18066]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:45 zauberberg sshd[18068]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:46 zauberberg sshd[18070]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:47 zauberberg sshd[18072]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:51 zauberberg sshd[18074]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:52 zauberberg sshd[18076]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:44:53 zauberberg sshd[18078]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:00 zauberberg sshd[18080]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:05 zauberberg sshd[18082]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:09 zauberberg sshd[18084]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:11 zauberberg sshd[18086]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:11 zauberberg sshd[18088]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:13 zauberberg sshd[18090]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:13 zauberberg sshd[18092]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:14 zauberberg sshd[18094]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:22 zauberberg sshd[18096]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:26 zauberberg sshd[18098]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:27 zauberberg sshd[18100]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:31 zauberberg sshd[18102]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:35 zauberberg sshd[18104]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:36 zauberberg sshd[18106]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:40 zauberberg sshd[18108]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:42 zauberberg sshd[18110]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:43 zauberberg sshd[18112]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:50 zauberberg sshd[18114]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:56 zauberberg sshd[18116]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:57 zauberberg sshd[18118]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:58 zauberberg sshd[18120]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:45:59 zauberberg sshd[18122]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:03 zauberberg sshd[18124]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:04 zauberberg sshd[18126]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:12 zauberberg sshd[18128]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:14 zauberberg sshd[18130]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:21 zauberberg sshd[18132]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:22 zauberberg sshd[18134]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:27 zauberberg sshd[18136]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:46:29 zauberberg sshd[18138]: reverse mapping checking getaddrinfo for
ip6.com4media.de failed - POSSIBLE BREAKIN ATTEMPT!
Oct 19 22:47:08 zauberberg sshd[18142]: Failed unknown for illegal user ablh585
from 192.168.2.144 port 3048 ssh2

System Events
=-=-=-=-=-=-=
Oct 19 22:36:57 zauberberg sshd[17944]: Did not receive identification string from
212.223.7.6
Oct 19 22:43:26 zauberberg sshd[17966]: Illegal user patrick from 212.223.7.6
Oct 19 22:43:27 zauberberg sshd[17968]: Illegal user patrick from 212.223.7.6
Oct 19 22:43:34 zauberberg sshd[17980]: Illegal user rolo from 212.223.7.6
Oct 19 22:43:38 zauberberg sshd[17982]: Illegal user iceuser from 212.223.7.6
Oct 19 22:43:39 zauberberg sshd[17984]: Illegal user horde from 212.223.7.6
Oct 19 22:43:41 zauberberg sshd[17986]: Illegal user cyrus from 212.223.7.6
Oct 19 22:43:42 zauberberg sshd[17988]: Illegal user www from 212.223.7.6
Oct 19 22:43:48 zauberberg sshd[17990]: Illegal user wwwrun from 212.223.7.6
Oct 19 22:43:49 zauberberg sshd[17992]: Illegal user matt from 212.223.7.6
Oct 19 22:43:50 zauberberg sshd[17994]: Illegal user test from 212.223.7.6
Oct 19 22:43:53 zauberberg sshd[17996]: Illegal user test from 212.223.7.6
Oct 19 22:43:55 zauberberg sshd[17998]: Illegal user test from 212.223.7.6
Oct 19 22:43:56 zauberberg sshd[18000]: Illegal user test from 212.223.7.6
Oct 19 22:43:59 zauberberg sshd[18006]: Illegal user operator from 212.223.7.6
Oct 19 22:44:00 zauberberg sshd[18008]: Illegal user adm from 212.223.7.6
Oct 19 22:44:02 zauberberg sshd[18010]: Illegal user apache from 212.223.7.6
Oct 19 22:44:08 zauberberg sshd[18016]: Illegal user adm from 212.223.7.6
Oct 19 22:44:11 zauberberg sshd[18024]: Illegal user jane from 212.223.7.6
Oct 19 22:44:13 zauberberg sshd[18026]: Illegal user pamela from 212.223.7.6
Oct 19 22:44:24 zauberberg sshd[18038]: Illegal user cosmin from 212.223.7.6
Oct 19 22:45:42 zauberberg sshd[18112]: Illegal user cip52 from 212.223.7.6
Oct 19 22:45:50 zauberberg sshd[18114]: Illegal user cip51 from 212.223.7.6
Oct 19 22:45:57 zauberberg sshd[18118]: Illegal user noc from 212.223.7.6
Oct 19 22:46:12 zauberberg sshd[18128]: Illegal user webmaster from 212.223.7.6
Oct 19 22:46:14 zauberberg sshd[18130]: Illegal user data from 212.223.7.6
Oct 19 22:46:21 zauberberg sshd[18132]: Illegal user user from 212.223.7.6
Oct 19 22:46:21 zauberberg sshd[18134]: Illegal user user from 212.223.7.6
Oct 19 22:46:27 zauberberg sshd[18136]: Illegal user user from 212.223.7.6
Oct 19 22:46:29 zauberberg sshd[18138]: Illegal user web from 212.223.7.6
Was bedeuten die vielen Meldungen. Kann mir jemand helfen.

Viele Grüsse

Klaus
Top
floschi
Userprojekt
Userprojekt
Posts: 3247
Joined: 2002-07-18 08:13
Location: München
 

Re: Logcheckmeldung

Post by floschi »

Ein wenig in den Topics lesen hätte wohl gereicht:

Das ist ein seit einem halben Jahr sein Unwesen treibender Wurm/Virus, der nunmal solche Attacken fährt - natürlich zumeist ohne Erfolg, aber die Logmeldungen sind nunmal lästig.
Top
schuehler
Posts: 21
Joined: 2004-10-20 21:47
 

Re: Logcheckmeldung

Post by schuehler »

Hallo,

vielen Dank für die Antwort. Sorry hätte mich ersteinmal Umschauen müssen. Hohle das nach.

Gruss Klaus
Top

Return to “Security”