FTP-is this attack?


galaxyboss
13th April 2007, 11:08
Hi,
I have a very weird log in my message log:
Apr 12 00:41:11 server1 proftpd[11078]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:12 server1 proftpd[11078]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:13 server1 proftpd[11079]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:14 server1 proftpd[11079]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:14 server1 proftpd[11080]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:16 server1 proftpd[11080]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:17 server1 proftpd[11081]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:17 server1 proftpd[11082]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:18 server1 proftpd[11081]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:18 server1 proftpd[11082]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:19 server1 proftpd[11085]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:20 server1 proftpd[11086]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:20 server1 proftpd[11085]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:21 server1 proftpd[11086]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'
Apr 12 00:41:23 server1 proftpd[11088]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:23 server1 proftpd[11089]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - FTP session opened.
Apr 12 00:41:24 server1 proftpd[11088]: localhost.localdomain (::ffff:88.80.192.124[::ffff:88.80.192.124]) - no such user 'Administrator'

This is a small part from 358836 lines in the log file, and my IP (:ffff:***.***.***.***)

Can anyone tell me what this is? Is it an attack on the FTP server?
I am using proftpd, and I think my server is slow because of this.

I have a question also: where is the log file for postfix?
Is it var/log/maillog?
I need to see what the problem with postfix is as well.

:confused: :confused:

till
13th April 2007, 11:40
This looks to me as if a Windows computer is trying to access your server by FTP. I guess that's no attack, just a user who tried to open a connection in Explorer, and Windows is trying to connect again and again. I would just ignore it.

I have a question also: where is the log file for postfix?
Is it var/log/maillog?

Yes, either /var/log/maillog, /var/log/mail, /var/log/mail.log or /var/log/mail.info, depending on your Linux distribution.
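
Added example (not part of the thread and not proftpd's own tooling): one way to summarise log entries like those quoted in the first post, counting "no such user" failures per source address, the user names tried, and the peak rate inside a sliding window. The sample lines, the addresses 192.0.2.10 and 198.51.100.7, the 60-second window and the threshold of 5 are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the thread's log format; 192.0.2.10 and 198.51.100.7
# are documentation addresses, not hosts from the thread.
_P = "server1 proftpd[{pid}]: localhost.localdomain (::ffff:{ip}[::ffff:{ip}]) - {msg}"
SAMPLE = "\n".join(
    [f"Apr 12 00:41:{10 + i:02d} " + _P.format(pid=11078 + i, ip="192.0.2.10",
                                               msg="no such user 'Administrator'")
     for i in range(8)]
    + ["Apr 12 00:41:30 " + _P.format(pid=11100, ip="198.51.100.7", msg="FTP session opened."),
       "Apr 12 09:15:02 " + _P.format(pid=11200, ip="198.51.100.7", msg="no such user 'bob'")])

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sproftpd\[\d+\]:\s\S+\s"
    r"\([^\[]*\[(?P<ip>[^\]]+)\]\)\s-\sno such user '(?P<user>.*)'\s*$")

def failed_logins(log_text, year=2007):
    """Group 'no such user' events by source address (syslog lines carry no year)."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            ip = m["ip"].split("::ffff:")[-1]  # strip IPv4-mapped IPv6 prefix, as in the thread
            events[ip].append((ts, m["user"]))  # user name is client-supplied text
    return events

def peak_rate(times, window):
    """Largest number of events inside any sliding window of the given length."""
    times, best, start = sorted(times), 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best

def report(log_text, window=timedelta(seconds=60), threshold=5):
    """Per source: failures, distinct names tried, peak rate, threshold flag."""
    out = {}
    for ip, ev in failed_logins(log_text).items():
        peak = peak_rate([t for t, _ in ev], window)
        out[ip] = {"failures": len(ev), "users": sorted({u for _, u in ev}),
                   "peak": peak, "flagged": peak >= threshold}
    return out

if __name__ == "__main__":
    print(report(SAMPLE))
```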