On Wed, 4 Aug 2004 10:25:05 -0400, jeem machine <jmachine@xxxxxxxxx> wrote: >On Wed, 04 Aug 2004 08:25:36 -0500, Steven Stern ><subscribed-lists@xxxxxxxxxxxxx> wrote: >> On Tue, 03 Aug 2004 21:40:18 -0700, Ow Mun Heng <Ow.Mun.Heng@xxxxxxx> wrote: >> >> My logs from last night: >> >> Failed logins from these: >> guest/password from ::ffff:143.107.235.116: 1 Time(s) >> guest/password from ::ffff:211.105.46.30: 1 Time(s) >> test/password from ::ffff:143.107.235.116: 1 Time(s) >> test/password from ::ffff:211.105.46.30: 1 Time(s) >> >> Illegal users from these: >> guest/none from ::ffff:143.107.235.116: 1 Time(s) >> guest/none from ::ffff:211.105.46.30: 1 Time(s) >> guest/password from ::ffff:143.107.235.116: 1 Time(s) >> guest/password from ::ffff:211.105.46.30: 1 Time(s) >> test/none from ::ffff:143.107.235.116: 1 Time(s) >> test/none from ::ffff:211.105.46.30: 1 Time(s) >> test/password from ::ffff:143.107.235.116: 1 Time(s) >> test/password from ::ffff:211.105.46.30: 1 Time(s) >> > >> >Which logs are you looking at. I would like to check my system The snipped above comes from the nightly logwatch run, mailed to root. Logwatch searches through /var/log/secure* -- Steve
