On Sunday 20 November 2005 10:56 am, Andre Truter wrote:
On 11/20/05, Steven T. Hatton
wrote: On Sunday 20 November 2005 08:05 am, Anders Johansson wrote:
You still provide us with an astonishing lack of information.
I'm not sure why you find that "astonishing".
How are anybody supposed to help you if you don't give any info?
My take on it was that he didn't want any help. Beats me why he said anything about it.
For instance, some extracts from your logs that shows the accepted ssh login.
The history of commands that the user executed after login. Then you can see what they did and if it were a cracker or not.
I am not a security expert, but those are the first places I would start to look to see what is happening.
Not sure if this helps
-- Andre Truter | Software Engineer | Registered Linux user #185282 ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.za.org
~ A dinosaur is a salamander designed to Mil Spec ~