View Single Post
  #1  
Old 14th June 2012, 11:30
shr3k shr3k is offline
Junior Member
 
Join Date: Jun 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default pureftpd - auth.log records with empty rhost

Hi all, have you anyone found also following similar strange records in your Debian-based system auth.log as well?:

Code:
Jun 14 08:17:41 swamp pure-ftpd: pam_unix(pure-ftpd:auth): check pass; user unknown
Jun 14 08:17:41 swamp pure-ftpd: pam_unix(pure-ftpd:auth): authentication failure; logname= uid=0 euid=0 tty=pure-ftpd ruser=skvpraha rhost=
Jun 14 08:17:41 swamp pure-ftpd: pam_unix(pure-ftpd:auth): check pass; user unknown
Jun 14 08:17:41 swamp pure-ftpd: pam_unix(pure-ftpd:auth): authentication failure; logname= uid=0 euid=0 tty=pure-ftpd ruser=skvpraha rhost=
Jun 14 08:17:54 swamp pure-ftpd: pam_unix(pure-ftpd:auth): check pass; user unknown
Jun 14 08:17:54 swamp pure-ftpd: pam_unix(pure-ftpd:auth): authentication failure; logname= uid=0 euid=0 tty=pure-ftpd ruser=skvprahaskvpraha rhost=
Jun 14 08:17:57 swamp pure-ftpd: pam_unix(pure-ftpd:auth): check pass; user unknown
Jun 14 08:17:57 swamp pure-ftpd: pam_unix(pure-ftpd:auth): authentication failure; logname= uid=0 euid=0 tty=pure-ftpd ruser=skvprahaskvpraha rhost=
I wonder how it is possible that pureftpd does not detect remote host. My fail2ban can't subsequently block it because is missing rhost...

And /etc/pure-ftpd/conf/DontResolve is set to yes of course.

Last edited by shr3k; 14th June 2012 at 11:35. Reason: DontResolve
Reply With Quote
Sponsored Links