Login or Register to Ask a Question and Join Our Community


AIX

How critical is this info,from syslog?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX How critical is this info,from syslog?
# 1  
Old 01-27-2010
Bug How critical is this info,from syslog?
Hello Gurus
I have a linux box which is trying to connect to HOST-1 via ssh.Recently i have been submitted following entries from 'syslog' from this HOST-1.

As you can see,there are 3 failed login attempts logged for my user 'eatcid' coming from my linux box to this HOST-1 which is AIX.The fourth entry ,although,shows successful entry.

I am not much of administrator and do not know what this information means.Can someone please explain what this indicates and how critical it is?

<IP> == My Linux Box


HTML Code:
Logged At	Logging Device Name	Target Resource	Intrusion Action ID	Intrusion Outcome ID	Description
Jan 20, 2010 6:28:22 AM EST	<HOST-1>	eatcid	Login	Failed	forwarded from <HOST-1>: sshd 1278052 : Failed password for eatcid from <IP> port 39687 ssh2
Jan 20, 2010 6:28:22 AM EST	<HOST-1>	eatcid	Login	Failed	forwarded from <HOST-1>: sshd 1278052 : Failed password for eatcid from <IP> port 39687 ssh2
Jan 20, 2010 6:28:22 AM EST	<HOST-1>	eatcid	Login	Failed	forwarded from <HOST-1>: sshd 1278052 : Failed password for eatcid from <IP> port 39687 ssh2
Jan 20, 2010 6:28:38 AM EST	<HOST-1>	eatcid	Login	Succeeded	forwarded from <HOST-1>: sshd 1278056 : Accepted password for eatcid from <IP> port 39809 ssh2


Regards
Abhi
# 2  
Old 01-28-2010
The log already says it. It simply says there have been 3 failed attempts from your box with a wrong password (3 tries in 1 second, maybe a script?) and 16 seconds later it worked.
# 3  
Old 01-28-2010
Bug
yup...

how about second question ?

is there some setting done in any conf file on this AIX box,which is causing messages to appear in syslog ?
# 4  
Old 01-28-2010
Which second question? How critical is this message? Well... you've managed to enter the correct password and access the system. Depending on circumstances this may be trivial or ciritical. Smilie
# 5  
Old 01-29-2010
syslog.conf
Padow
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Solaris cluster critical issue

Hi all, Few hours ago I did some changes in our Solaris cluster servers. Below are changes I did : 1. Installed latest Solaris 10 patchset from oracle. 2. Enabled BSM log module. Entered into single user mode and rebooted. After reboot changed to multi-user mode and rebooted again. Now... (7 Replies)
Discussion started by: sembii
7 Replies

2. UNIX for Advanced & Expert Users

Critical lib renamed

Hello I have moved a critical lib from its location, so all programms linked to libc dont work . I still have two shells on the machine, bash and ksh The only thing I see is copying back the lib, but of course : dd, cp , mv etc are dead . So i tryed a loop with read ... {^Jwhile read... (24 Replies)
Discussion started by: remi75
24 Replies

3. UNIX for Dummies Questions & Answers

Error in terminal: Gtk-CRITICAL

Hi, I am using Ubuntu 10.04. Recently I have seen this error appear in my terminal as I edit text files with gedit: (gedit:2841): Gtk-CRITICAL **: gtk_widget_is_ancestor: assertion `ancestor != NULL' failed Any ideas on what this means? Mike (1 Reply)
Discussion started by: msb65
1 Replies

4. HP-UX

Critical files in /etc overwritten EMPTY!

The following files were wiped out - new empty files were left in their place. /etc/inittab, /etc/inetd.conf, and /etc/MANPATH The system is running HP-UX 11i v3 - Mar08. Anyone seen anything like this? Any ideas on a way to figure this out if it happens again or a suggested way to... (9 Replies)
Discussion started by: KEnglander
9 Replies

5. UNIX for Advanced & Expert Users

Shared Libraries- CRITICAL !!

Hi, I am trying to create a shared library from a .c file using gcc -c -fpic -I/usr/local/include Chksum.C -o Chksum.o gcc -shared -o libtclcksum.so Chksum.o when i try to load this shared library libtclcksum.so in tclsh % load libtclcksum.so I get the following error: couldn't load... (1 Reply)
Discussion started by: archana485
1 Replies

6. HP-UX

ServiceGuard on HP-UX 11.23 Mission Critical

Dear(s), anybody have played ServiceGuard on HP-UX version 11.23 MC ? I am planning to install Oracle and OpenView Operations for Unix 8 on a ServiceGuard clustered HP-UX environment, any suggestionsfrom where should I start ? Best Regards, Mostafa Reda (1 Reply)
Discussion started by: darousha
1 Replies

7. Shell Programming and Scripting

Very Critical

We have a batch job which runs and checks for certain files on a server and retrieves them to our server. But from last few hours the job is not running correctly. It gives msg file now found when there are files present on the server.. Nothing has been changed.................. (1 Reply)
Discussion started by: shikhakaul
1 Replies

8. UNIX for Dummies Questions & Answers

what is Critical section is all about?

what is a critical section?why multipleprocesses or multiplethreads cant be given a chance to access the critical section? please explain me with an example. thanks (3 Replies)
Discussion started by: compbug
3 Replies

9. Solaris

Monitroing Critical Logs

Hi, What are the critical logs need constant monitoring ? thanks (2 Replies)
Discussion started by: sol8admin
2 Replies
Login or Register to Ask a Question