Witam, mam jako załącznik plik messages. Z tym że jak pisałem dla bezpieczeństwa zmieniłem w logach IP serwera na 11.22.33.44 serwer ma nazwę buch, nazwy kont (poczta) zmieni łem na user1 user2 ...
Może na podstawie tego pliku cos da się powiedzieć . Ja widzę żę są ciagłe próby włamania do serwera (druga część logów). Domena
www.moja.domena.pl odpala się z regóły po powtórnym otworzeniu przeglądarki (dziwny objaw) nie pomaga usuwanie tymczasowych plików internetowych i odświeżanie strony. Prosze o dalszą pomoc.
a to fragmenty pliku messages
May 11 04:40:01 buch syslogd 1.4.1: restart.
May 11 05:08:26 buch -- MARK --
May 11 05:28:26 buch -- MARK --
May 11 05:48:26 buch -- MARK --
May 11 06:08:26 buch -- MARK --
May 11 06:28:26 buch -- MARK --
May 11 06:48:26 buch -- MARK --
May 11 12:43:58 buch sshd[10328]: Invalid user admin from 202.164.181.115
May 11 12:43:58 buch sshd[10328]: Failed password for invalid user admin from 202.164.181.115 port 40017 ssh2
May 11 12:44:02 buch sshd[10332]: Invalid user test from 202.164.181.115
May 11 12:44:02 buch sshd[10332]: Failed password for invalid user test from 202.164.181.115 port 40118 ssh2
May 11 12:44:05 buch sshd[10335]: Invalid user guest from 202.164.181.115
May 11 12:44:05 buch sshd[10335]: Failed password for invalid user guest from 202.164.181.115 port 40221 ssh2
May 11 12:44:09 buch sshd[10339]: Invalid user webmaster from 202.164.181.115
May 11 12:44:09 buch sshd[10339]: Failed password for invalid user webmaster from 202.164.181.115 port 40329
May 11 12:44:12 buch sshd[10342]: Failed password for mysql from 202.164.181.115 port 40437 ssh2
May 11 12:44:16 buch sshd[10345]: Invalid user oracle from 202.164.181.115
May 11 12:44:16 buch sshd[10345]: Failed password for invalid user oracle from 202.164.181.115 port 40539 ssh2
May 11 12:44:19 buch sshd[10348]: Invalid user library from 202.164.181.115
May 11 12:44:19 buch sshd[10348]: Failed password for invalid user library from 202.164.181.115 port 40655 ssh2
May 11 12:44:23 buch sshd[10351]: Invalid user info from 202.164.181.115
May 11 12:44:23 buch sshd[10351]: Failed password for invalid user info from 202.164.181.115 port 40752 ssh2
May 11 12:44:26 buch sshd[10354]: Invalid user shell from 202.164.181.115
May 11 12:44:26 buch sshd[10354]: Failed password for invalid user shell from 202.164.181.115 port 40854 ssh2
May 14 10:26:27 buch named[20633]: shutting down
May 14 10:26:27 buch named[20633]: stopping command channel on 127.0.0.1#953
May 14 10:26:27 buch named[20633]: no longer listening on 127.0.0.1#53
May 14 10:26:27 buch named[20633]: no longer listening on 11.22.33.44#53
May 14 10:26:27 buch named[20633]: no longer listening on 192.168.0.1#53
May 14 10:26:27 buch named[20633]: exiting
May 14 10:26:28 buch named[10502]: starting BIND 9.3.1
May 14 10:26:28 buch named[10502]: loading configuration from '/etc/named.conf'
May 14 10:26:28 buch named[10502]: no IPv6 interfaces found
May 14 10:26:28 buch named[10502]: listening on IPv4 interface lo, 127.0.0.1#53
May 14 10:26:28 buch named[10502]: listening on IPv4 interface eth0, 11.22.33.44#53
May 14 10:26:28 buch named[10502]: listening on IPv4 interface eth1, 192.168.0.1#53
May 14 10:26:28 buch named[10502]: command channel listening on 127.0.0.1#953
May 14 10:26:28 buch named[10502]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
May 14 10:26:28 buch named[10502]: zone localhost/IN: loaded serial 42
May 14 10:26:28 buch named[10502]: zone moja.domena.pl/IN: loaded serial 2008050903
May 14 10:26:28 buch named[10502]: running
May 14 10:26:45 buch popa3d[10504]: Authentication passed for user8
May 14 10:26:45 buch popa3d[10504]: 0 messages (0 bytes) loaded
May 14 10:26:45 buch popa3d[10504]: 0 (0) deleted, 0 (0) left
May 14 10:37:11 buch popa3d[10642]: Authentication passed for user1
May 14 10:37:11 buch popa3d[10642]: 2 messages (51720 bytes) loaded
May 14 10:37:12 buch popa3d[10642]: 2 (51720) deleted, 0 (0) left