Administrace komentářů

Nevím přesně co dělal ale je vidět že vytvářel nějake skupiny, uživatele a měnil hesla. Více to spíš řekne odborníkum..

Mar  8 06:11:48 master sshd[2426]: Accepted password for root from 210.75.213.253 port 44971 ssh2
Mar  8 06:11:48 master sshd[2426]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar  8 06:11:49 master sshd[2426]: Received disconnect from 210.75.213.253: 11: Bye Bye
Mar  8 06:11:49 master sshd[2426]: pam_unix(sshd:session): session closed for user root
Mar  8 06:18:58 master sshd[2433]: Address 86.120.215.126 maps to 86-120-215-126.rdsnet.ro, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar  8 06:19:00 master sshd[2433]: Accepted password for root from 86.120.215.126 port 3966 ssh2
Mar  8 06:19:00 master sshd[2433]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar  8 06:19:59 master useradd[2453]: new group: name=angell, GID=1001
Mar  8 06:19:59 master useradd[2453]: new user: name=angell, UID=0, GID=1001, home=/usr/angell/, shell=/bin/bash
Mar  8 06:20:11 master useradd[2458]: new group: name=cote, GID=1002
Mar  8 06:20:11 master useradd[2458]: new user: name=cote, UID=0, GID=1002, home=/usr/cote/, shell=/bin/bash
Mar  8 06:20:33 master passwd[2463]: pam_unix(passwd:chauthtok): password changed for cote
Mar  8 06:21:15 master passwd[2465]: pam_unix(passwd:chauthtok): password changed for angell
Mar  8 06:21:35 master sshd[2469]: Address 86.120.215.126 maps to 86-120-215-126.rdsnet.ro, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar  8 06:21:41 master sshd[2469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.120.215.126  user=root