hoi zäme, ich hab mal die logs eines suse 11.1 (vor kurzem von 10.? upgedated) rechner angeschaut. da finde ich massenhaft meldungen in /var/log/messages von der art Oct 24 20:46:16 alice sshd[5250]: Did not receive identification string from 222.236.47.135 Oct 24 20:52:27 alice sshd[5285]: Invalid user globus from 222.236.47.135 Oct 24 20:52:30 alice sshd[5287]: Invalid user condor from 222.236.47.135 Oct 24 20:52:32 alice sshd[5289]: Invalid user marine from 222.236.47.135 Oct 24 20:52:32 alice sshd[5291]: Invalid user tomcat from 222.236.47.135 Oct 24 20:52:34 alice sshd[5293]: Invalid user cadi from 222.236.47.135 Oct 24 20:52:35 alice sshd[5296]: Invalid user global from 222.236.47.135 Oct 24 20:52:37 alice sshd[5294]: Invalid user marine from 222.236.47.135 Oct 24 20:52:38 alice sshd[5299]: Invalid user cady from 222.236.47.135 Oct 24 20:52:38 alice sshd[5300]: Invalid user upload from 222.236.47.135 und in /var/log/warn Apr 16 05:24:56 alice sshd[7031]: error: PAM: User not known to the underlying authentication module for illegal user avye from 218.241.164.34 Apr 16 05:25:35 alice sshd[7034]: error: PAM: User not known to the underlying authentication module for illegal user avye from 66.197.211.229 Apr 16 05:26:12 alice sshd[7037]: error: PAM: User not known to the underlying authentication module for illegal user avye from 102.155.95.219.klj01-home.tm.net.my Apr 16 05:27:18 alice sshd[7040]: error: PAM: User not known to the underlying authentication module for illegal user awen from 200.87.126.118 Apr 16 05:27:21 alice sshd[7043]: error: PAM: User not known to the underlying authentication module for illegal user awen from sprint-65-160-236-155.smf.ragingwire.net Apr 16 05:28:01 alice sshd[7046]: error: PAM: User not known to the underlying authentication module for illegal user awen from 216.241.173.122 Apr 16 05:28:37 alice sshd[7049]: error: PAM: User not known to the underlying authentication module for illegal user awen from 218.91.210.100 es scheint, dass jemand einzubrechen versucht. was kann ich machen um mich dagegen zu schützen? ich nutze suses firewall und aktualisiere die sicherheitspatches regelmässig. gruss robert -- Um die Liste abzubestellen, schicken Sie eine Mail an: opensuse-de+unsubscribe@opensuse.org Um eine Liste aller verfuegbaren Kommandos zu bekommen, schicken Sie eine Mail an: opensuse-de+help@opensuse.org