strange line in /var/log/secure

strange line in /var/log/secure

Post by Joseph Norri » Fri, 19 Jun 1998 04:00:00

Hello group,

In just the past week, I have been getting a repeating message in my
/var/log/secure file as follows:
Jun 16 02:33:01 ns in.ftpd[18136]: refused connect from
(ip changed to protect the innocent)

I have my hosts.allow and hosts.deny files set up to only allow certain
ips to telnet or ftp. What is weird about this message is that the is the ip of my web server ip. I never got this before.
Can anyone tell me how to trace this problem?





1. secure logs of /var/log/secure

what if i change my ip and connect to a pc ? Is there any way of
identifying the pc by hardware addres.....

is there any way of changing the hardware i don't
want to change the card........i just want to mask the hardware

any help ???

2. statement's promble in kernel/signal.c

3. strange message in /var/log/secure

4. Security logging

5. /var/log/secure logs telnet connects but not logins?

6. PC-NFS Setup

7. Can't get Snort to log to /var/log/secure

8. Main disk crash ??

9. /var/log/secure doesn't log hostname

10. QUESTION: on /var/log/secure logging ....

11. Strange log in /var/log/messages about sendmail.

12. How large can /var/log/messages and /var/log/syslog get ?

13. How to close /var/log/syslog and /var/log/messages..