Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

Website and Server Administration Forum


You are currently viewing our Website and Server Administration Forum as a guest. Please register to participate.
Login


Tycoon Talk > Web Administration Support > Website and Server Administration Forum > Is this an attack or a proper system process

Reply
Is this an attack or a proper system process
Old 05-01-2008, 10:47 AM Is this an attack or a proper system process
Junior Talker

Posts: 4
Trades: 0
Talkupation: afewtips is on a distinguished road
Hi,
I have setup a new server and within a day I was getting brute force attacks.
I removed root access and I modified my iptables to keep the number of tries within a min to 8, but now I see these lines -

pam_unix(cron:session): session opened for user root by (uid=0)


Is this a normal line or something else?

Thanks for any help.
afewtips is offline
Reply With Quote
View Public Profile
 
 
Register now for full access!
Old 05-01-2008, 08:30 PM Re: Is this an attack or a proper system process
Average Talker

Posts: 15
Name: Chris
Location: UK
Trades: 0
Talkupation: crashed is on a distinguished road
Nope, as it says "cron:session" it means that it is cron (scheduled) jobs that are running regulary.

Pretty normal.
__________________
Chris
.Net C# ASP.NET Developer
Windows Systems Administrator
crashed is offline
Reply With Quote
View Public Profile
 
Old 05-05-2008, 10:39 AM Re: Is this an attack or a proper system process
Junior Talker

Posts: 4
Trades: 0
Talkupation: afewtips is on a distinguished road
Thanks for the reply -
I am using fail2ban now as well.

Thanks
afewtips is offline
Reply With Quote
View Public Profile
 
Old 05-06-2008, 08:28 AM Re: Is this an attack or a proper system process
Novice Talker

Posts: 10
Name: Ramil
Trades: 0
Talkupation: ramilB is on a distinguished road
crashed is right, it is just a cron job probably set your script or have you set a cron job?
ramilB is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to Is this an attack or a proper system process
 
Previous Thread | Next Thread Tycoon Talk > Web Administration Support > Website and Server Administration Forum > Is this an attack or a proper system process

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.12933 seconds with 12 queries