Solved

fedora

Posted on 2011-03-12
2
294 Views
Last Modified: 2012-05-11
HELP!! - I'm not good at this - I have this entry in /var/spool/mail/root

users logging in through sshd:
   root:
      172.16.26.113 (itw-ws-0017.mydomain.com ) : 1 time
** unmatched entries **
warning /etc/hosts.allow line 14: missing ":" separator : 1 time (s)
address 172.16.26.113 maps to itw-ws-mydomain.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time (s)

how can i see if this is a real possible break in?  Also - is there a way to see who is logged in to 172.16.26.113 using the ip address?
0
Comment
Question by:JeffBeall
2 Comments
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 35117367
hosts.allow has the format:
service:host or list of hosts.
The error seems to suggest that you have
entry entry2
versus
entry: entry2
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 35117455
you were right! I freaked out over nothing.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question