is this an attack

Got problems with your B2 or B3? Share and get helped!
Post Reply
fresca1919
Posts: 4
Joined: 20 Oct 2008, 16:57

is this an attack

Post by fresca1919 » 23 Oct 2008, 17:46

I have the auth.log full of these kinds of entrees I was wondering if this is someone trying to get in? I have the SSH,IMAP and WWW turned off from the WAN.
Thanks

Oct 23 21:35:01 maxihard CRON[2625]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:35:09 maxihard CRON[2625]: (pam_unix) session closed for user root
Oct 23 21:39:01 maxihard CRON[2656]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:39:01 maxihard CRON[2656]: (pam_unix) session closed for user root
Oct 23 21:40:01 maxihard CRON[2669]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:40:07 maxihard CRON[2669]: (pam_unix) session closed for user root

Xet
Posts: 53
Joined: 12 May 2008, 02:40

Post by Xet » 24 Oct 2008, 01:22

No, this is no hacking attempt, it comes from cron it seems.

Cron is, as you might know, a scheduling service that runs certain jobs at certain times. Some of these jobs are run by root.

Post Reply