Re: [SLE] hmm... security mayhem...
The messages you were referring to were in your syslog (SYStem LOG). This is a text file that gets all logging your system does, from connects to status and error messages. It also logs if someone tries to get into your system. Usually, this file resides in the /var/log directory and is called 'messages'.

You can watch your syslog on-the-fly with the command:

    tail -25f /var/log/messages

This command (tail) shows the last 25 lines (-25f) in your syslog-file (the 'f' in -25f).

You can configure how and what should show up in your syslog by changing /etc/syslog.conf

If you would like to protect your system from unauthorized connects, you should start to play with ipchains. Please read some docs on ipchains. Let me warn you: it's not simple!

Good luck!

Rogier

root wrote:
Which is the syslog? Are you just telling me to infer the obvious - that connect from means connect from? Or what?
None of this is simple to me. I need to be told straight up.
Thanks.
Rogier Maas wrote:
The answer is simple: read your syslog again!
Rogier
Daniel Woodard wrote:
what about messages like:

    linux in.telnetd[4813] connect from 12.77.192.88

followed by peer died, invalid character or

    in.ftpd[8915] connect from 209.173.192.62

are these people connecting to my box?
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
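To answer the "are these people connecting to my box?" question across a whole log rather than line by line, the following added example (not part of the original thread) counts `connect from` entries per service and source address. The function names and the sample log are constructed for illustration; the sample uses RFC 5737 documentation addresses and assumes the classic syslog line layout.

```shell
#!/bin/sh
# Added example: summarize "connect from" syslog entries by service and source.
# Real use (path as given in the thread): summarize_connects < /var/log/messages

# Constructed sample log lines; not taken from any real system.
sample_log() {
cat <<'EOF'
Dec 26 03:14:07 linux in.telnetd[4813]: connect from 192.0.2.88
Dec 26 03:14:09 linux telnetd[4813]: ttloop: peer died
Dec 26 03:20:41 linux in.ftpd[8915]: connect from 198.51.100.62
Dec 26 03:25:02 linux in.telnetd[4820]: connect from 192.0.2.88
Dec 26 03:30:00 linux kernel: eth0: link up
Dec 26 04:01:13 linux in.telnetd[4831] connect from 203.0.113.5
EOF
}

# Reads syslog text on stdin, prints "count service source", busiest first.
summarize_connects() {
    awk '
    {
        # Locate the "connect from" pair; the field before it is the
        # service tag, the field after it is the remote address.
        for (i = 2; i + 2 <= NF; i++) {
            if ($i == "connect" && $(i + 1) == "from") {
                svc = $(i - 1)
                sub(/:$/, "", svc)            # drop trailing colon, if any
                sub(/\[[0-9]+\]$/, "", svc)   # drop the "[pid]" suffix
                count[svc " " $(i + 2)]++
                break
            }
        }
    }
    END {
        for (k in count) print count[k], k
    }' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Stand-alone run on the constructed sample.
sample_log | summarize_connects
```

A source that shows up repeatedly against telnet or ftp without a matching login is the pattern worth following up with a packet filter rule or by disabling the service.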
On Sun, 26 Dec 1999, Rogier Maas wrote:
If you would like to protect your system from unauthorized connects, you should start to play with ipchains. Please read some docs on ipchains. Let me warn you: it's not simple!
But nor does it have to be insanely painful. If you have a javascript-enabled browser (crashscape works just fine), go to

http://linux-firewall-tools.com/linux/firewall/index.html

This will lead you through a number of steps to configure your firewall, and give you a script and instructions on how to implement it. Tweak it a little bit to suit you optimally, and away you go.

Cheers,
GC
participants (2)
- gconron@hfx.andara.com
- icarus@guldennet.nl