服务器被攻击了么??????????怎么解决(急啊.....)

sugar99999 · 发表于 2006-8-14 13:53:10

#cat /var/log/message (出现如下日志,有没有什么解决方法,谢....)
Aug 14 10:02:01 www crond(pam_unix)[16763]: session opened for user root by (uid=0)
Aug 14 10:02:05 www crond(pam_unix)[16762]: session closed for user root
Aug 14 10:02:05 www crond(pam_unix)[16764]: session closed for user root
Aug 14 10:02:11 www crond(pam_unix)[16763]: session closed for user root
Aug 14 10:02:39 www sshd(pam_unix)[16817]: session opened for user root by root(uid=0)
Aug 14 10:03:01 www crond(pam_unix)[16851]: session opened for user root by (uid=0)
Aug 14 10:03:01 www crond(pam_unix)[16850]: session opened for user root by (uid=0)
Aug 14 10:03:11 www crond(pam_unix)[16851]: session closed for user root
Aug 14 10:03:14 www crond(pam_unix)[16850]: session closed for user root
Aug 14 10:04:02 www crond(pam_unix)[16914]: session opened for user root by (uid=0)
Aug 14 10:04:02 www crond(pam_unix)[16913]: session opened for user root by (uid=0)
Aug 14 10:04:02 www crond(pam_unix)[16912]: session opened for user root by (uid=0)
Aug 14 10:04:06 www crond(pam_unix)[16912]: session closed for user root
Aug 14 10:04:06 www crond(pam_unix)[16914]: session closed for user root
Aug 14 10:04:11 www crond(pam_unix)[16913]: session closed for user root
Aug 14 10:04:40 www sshd(pam_unix)[16970]: session opened for user root by (uid=0)
Aug 14 10:05:01 www crond(pam_unix)[17002]: session opened for user root by (uid=0)
Aug 14 10:05:02 www crond(pam_unix)[17002]: session closed for user root

vyouzhi · 发表于 2006-8-14 17:42:50

不是的
不过从
Aug 14 10:04:40 www sshd(pam_unix)[16970]: session opened for user root by (uid=0)
这一句来说
有人进来过

晨想 · 发表于 2006-8-16 09:45:46

觉得楼主的系统已经被搞定了。。。

		自动登录	找回密码
密码			注册