Kate Brown
2010-02-03 10:59:47 UTC
What on earth does this extract from the log mean, can anyone tell me?
Still getting to know this machine!
Who are these Users logging out in the middle of the night? For example
88.250.224.191 appears to be some Turk, 189.27.209.194 someone in
Brazil?
A shields-up scan reveals that ports 21 (FTP), 23 (Telnet), and 80
(HTTP) are open. Can any kind soul tell me how one closes them without
destroying access that I might one day need?
Log extract follows:
Info Feb 3 05:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 05:42:19 LOGOUT User logged out on TELNET
(189.27.209.194)
Info Feb 3 05:42:09 LOGOUT User logged out on TELNET
(189.27.209.194)
Info Feb 3 05:33:08 LOGOUT User logged out on TELNET (189.59.59.52)
Info Feb 3 05:32:59 LOGOUT User logged out on TELNET (189.59.59.52)
Info Feb 3 04:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 04:46:33 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:46:21 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:45:36 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:45:26 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:39:34 LOGOUT User logged out on TELNET
(88.250.224.191)
Info Feb 3 04:39:23 LOGOUT User logged out on TELNET
(88.250.224.191)
Info Feb 3 04:27:08 LOGOUT User logged out on TELNET (78.183.153.86)
Info Feb 3 04:27:04 LOGOUT User logged out on TELNET (78.183.153.86)
Info Feb 3 04:21:54 LOGOUT User logged out on TELNET
(189.15.106.251)
Info Feb 3 04:21:38 LOGOUT User logged out on TELNET
(189.15.106.251)
Info Feb 3 04:21:27 LOGOUT User logged out on TELNET (88.228.3.208)
Info Feb 3 04:21:20 LOGOUT User logged out on TELNET (88.228.3.208)
Info Feb 3 04:19:58 LOGOUT User logged out on TELNET (85.105.22.179)
Info Feb 3 04:19:42 LOGOUT User logged out on TELNET (85.105.22.179)
Info Feb 3 04:08:41 LOGOUT User logged out on TELNET (78.179.60.50)
Info Feb 3 04:08:35 LOGOUT User logged out on TELNET (78.179.60.50)
Info Feb 3 04:06:50 LOGOUT User logged out on TELNET
(88.227.145.152)
Info Feb 3 04:06:41 LOGOUT User logged out on TELNET
(88.227.145.152)
Info Feb 3 04:03:03 LOGOUT User logged out on TELNET (88.226.59.217)
Info Feb 3 04:02:51 LOGOUT User logged out on TELNET (88.226.59.217)
Info Feb 3 03:56:21 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 03:53:15 LOGOUT User logged out on TELNET (77.49.214.177)
Info Feb 3 03:53:05 LOGOUT User logged out on TELNET (77.49.214.177)
Info Feb 3 03:53:03 LOGOUT User logged out on TELNET (88.245.35.125)
Info Feb 3 03:52:57 LOGOUT User logged out on TELNET (88.245.35.125)
Info Feb 3 03:07:42 LOGOUT User logged out on TELNET
(88.242.248.234)
Info Feb 3 03:07:34 LOGOUT User logged out on TELNET
(88.242.248.234)
Info Feb 3 02:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 02:22:51 LOGOUT User logged out on TELNET (78.161.47.112)
Info Feb 3 02:22:39 LOGOUT User logged out on TELNET (78.161.47.112)
Info Feb 3 02:13:11 LOGOUT User logged out on TELNET
(94.123.159.178)
Info Feb 3 02:12:59 LOGOUT User logged out on TELNET
(94.123.159.178)
Info Feb 3 01:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 01:53:19 LOGOUT User logged out on TELNET
(88.250.210.212)
Info Feb 3 01:53:05 LOGOUT User logged out on TELNET
(88.250.210.212)
Info Feb 3 01:50:57 LOGOUT User logged out on TELNET (88.247.29.213)
Info Feb 3 01:50:46 LOGOUT User logged out on TELNET (88.247.29.213)
Info Feb 3 01:40:21 LOGOUT User logged out on TELNET (118.92.54.181)
Info Feb 3 01:39:52 LOGOUT User logged out on TELNET (118.92.54.181)
Still getting to know this machine!
Who are these Users logging out in the middle of the night? For example
88.250.224.191 appears to be some Turk, 189.27.209.194 someone in
Brazil?
A shields-up scan reveals that ports 21 (FTP), 23 (Telnet), and 80
(HTTP) are open. Can any kind soul tell me how one closes them without
destroying access that I might one day need?
Log extract follows:
Info Feb 3 05:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 05:42:19 LOGOUT User logged out on TELNET
(189.27.209.194)
Info Feb 3 05:42:09 LOGOUT User logged out on TELNET
(189.27.209.194)
Info Feb 3 05:33:08 LOGOUT User logged out on TELNET (189.59.59.52)
Info Feb 3 05:32:59 LOGOUT User logged out on TELNET (189.59.59.52)
Info Feb 3 04:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 04:46:33 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:46:21 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:45:36 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:45:26 LOGOUT User logged out on TELNET (78.163.53.86)
Info Feb 3 04:39:34 LOGOUT User logged out on TELNET
(88.250.224.191)
Info Feb 3 04:39:23 LOGOUT User logged out on TELNET
(88.250.224.191)
Info Feb 3 04:27:08 LOGOUT User logged out on TELNET (78.183.153.86)
Info Feb 3 04:27:04 LOGOUT User logged out on TELNET (78.183.153.86)
Info Feb 3 04:21:54 LOGOUT User logged out on TELNET
(189.15.106.251)
Info Feb 3 04:21:38 LOGOUT User logged out on TELNET
(189.15.106.251)
Info Feb 3 04:21:27 LOGOUT User logged out on TELNET (88.228.3.208)
Info Feb 3 04:21:20 LOGOUT User logged out on TELNET (88.228.3.208)
Info Feb 3 04:19:58 LOGOUT User logged out on TELNET (85.105.22.179)
Info Feb 3 04:19:42 LOGOUT User logged out on TELNET (85.105.22.179)
Info Feb 3 04:08:41 LOGOUT User logged out on TELNET (78.179.60.50)
Info Feb 3 04:08:35 LOGOUT User logged out on TELNET (78.179.60.50)
Info Feb 3 04:06:50 LOGOUT User logged out on TELNET
(88.227.145.152)
Info Feb 3 04:06:41 LOGOUT User logged out on TELNET
(88.227.145.152)
Info Feb 3 04:03:03 LOGOUT User logged out on TELNET (88.226.59.217)
Info Feb 3 04:02:51 LOGOUT User logged out on TELNET (88.226.59.217)
Info Feb 3 03:56:21 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 03:53:15 LOGOUT User logged out on TELNET (77.49.214.177)
Info Feb 3 03:53:05 LOGOUT User logged out on TELNET (77.49.214.177)
Info Feb 3 03:53:03 LOGOUT User logged out on TELNET (88.245.35.125)
Info Feb 3 03:52:57 LOGOUT User logged out on TELNET (88.245.35.125)
Info Feb 3 03:07:42 LOGOUT User logged out on TELNET
(88.242.248.234)
Info Feb 3 03:07:34 LOGOUT User logged out on TELNET
(88.242.248.234)
Info Feb 3 02:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 02:22:51 LOGOUT User logged out on TELNET (78.161.47.112)
Info Feb 3 02:22:39 LOGOUT User logged out on TELNET (78.161.47.112)
Info Feb 3 02:13:11 LOGOUT User logged out on TELNET
(94.123.159.178)
Info Feb 3 02:12:59 LOGOUT User logged out on TELNET
(94.123.159.178)
Info Feb 3 01:56:22 SNTP Synchronised again to server: 158.152.1.76
Info Feb 3 01:53:19 LOGOUT User logged out on TELNET
(88.250.210.212)
Info Feb 3 01:53:05 LOGOUT User logged out on TELNET
(88.250.210.212)
Info Feb 3 01:50:57 LOGOUT User logged out on TELNET (88.247.29.213)
Info Feb 3 01:50:46 LOGOUT User logged out on TELNET (88.247.29.213)
Info Feb 3 01:40:21 LOGOUT User logged out on TELNET (118.92.54.181)
Info Feb 3 01:39:52 LOGOUT User logged out on TELNET (118.92.54.181)
--
Kate B
PS 'elvira' is spamtrapped - please reply to 'elviraspam' at cockaigne dot org dot uk if you
want to reply personally
Kate B
PS 'elvira' is spamtrapped - please reply to 'elviraspam' at cockaigne dot org dot uk if you
want to reply personally