On Fri, Jul 26, 2013 at 08:35:48AM +0100, Dom wrote: >At the remote linux server, I can found huge brute force ssh attempt at the >different >port and surprisingly the attempt is made with the same username which I >actually use >to llog into the remote box. Some of the messages from log are as below > >accepted public key from<username_of_my_local_box> >from<WAN_IP_of_my_local_box> port 50574 ssh2
It's a bit confusing. Are you saying you see lot of connections coming from your local host? if so you can use netstat -tnpa to see tcp network sockets and it should show all the processes connecting to your remote host. mk -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130726075954.GA26729@finrod
