I have seen the following two entries in my secure log files in sme 5.0. What I'm wondering, are this successful intrusions into my system, the ip addresses are not from my network. Also, can anyone direct to a source explaining the various log files in 5.0?
Sep 22 16:19:53 xxx01 xinetd[1380]: START: ftp pid=4321 from=xxx.251.70.169
Sep 24 18:21:11 xxx01 xinetd[873]: START: ftp pid=1605 from=xxx.46.9.243
I've also got this smtp message in the secure log. Can anyone explain what this is?
Sep 24 17:33:41 xxx01 xinetd[873]: START: smtp pid=1571 from=xxx.175.21.22
1 Replies
391 Views