Results 1 to 3 of 3

Thread: How am I doing and what are these PAM errors?

  1. #1

    How am I doing and what are these PAM errors?

    CommuniGate Pro sends these nice logs to me but I don't understand what it is they are missing? Is there someone who can make this greek clear?

    *This message was transferred with a trial version of CommuniGate(tm)
    Pro*


    ################## LogWatch 2.1.1 Begin #####################


    --------------------- ModProbe Begin ------------------------

    Can't locate these modules:
    synth0: 2 Time(s)

    **Unmatched Entries**
    modprobe: Can't locate module sound-service-0-0: 5 Time(s)
    modprobe: Can't locate module sound-service-1-0: 10 Time(s)
    modprobe: Can't locate module sound-slot-1: 10 Time(s)


    ---------------------- ModProbe End -------------------------



    --------------------- Named Begin ------------------------

    **Unmatched Entries**
    command channel listening on 127.0.0.1#953: 5 Time(s)
    loading configuration from '/etc/named.conf': 5 Time(s)
    named shutdown succeeded: 5 Time(s)
    named startup succeeded: 5 Time(s)
    no IPv6 interfaces found: 5 Time(s)
    no longer listening on 127.0.0.1#53: 5 Time(s)
    no longer listening on 192.168.1.100#53: 5 Time(s)
    running: 5 Time(s)
    shutting down: 5 Time(s)
    starting BIND 9.1.3 -u named: 5 Time(s)
    the default for the 'auth-nxdomain' option is now 'no': 5 Time(s)
    using 1 CPU: 5 Time(s)


    ---------------------- Named End -------------------------

    Next days Log

    --------------------- ftpd-messages Begin ------------------------

    User FTP Logins:
    AC832F97.ipt.aol.com (172.131.47.151): valar - 2 Time(s)

    **Unmatched Entries**
    USER valar
    PASS password
    PWD
    SYST
    PASV
    PORT
    LIST
    USER valar
    PASS password
    PWD
    SYST
    TYPE ASCII
    PASV
    PORT
    LIST
    TYPE Image
    PASV
    PORT
    STOR WorldPeace.txt
    MDTM 20020313014720 WorldPeace.txt
    PWD
    TYPE ASCII
    PASV
    PORT
    LIST


    ---------------------- ftpd-messages End -------------------------



    ---------------- Connections (secure-log) Begin -------------------

    Connections:
    Service ftp:
    172.131.47.151: 2 Time(s)

    **Unmatched Entries**
    Mar 12 00:00:32 btshadows sshd[27797]: Accepted password for duncan
    from 209.128.195.49 port 1230
    Mar 12 00:54:04 btshadows sshd[28541]: Accepted password for duncan
    from 209.128.195.50 port 1670
    Mar 12 11:04:56 btshadows sshd[4977]: scanned from 132.206.213.41 with
    SSH-1.0-SSH_Version_Mapper. Don't panic.
    Mar 12 11:04:56 btshadows sshd[4976]: Did not receive identification
    string from 132.206.213.41.
    Mar 12 13:30:37 btshadows sshd[6892]: PAM pam_set_item: NULL pam handle
    passed
    Mar 12 13:30:42 btshadows sshd[6892]: PAM pam_set_item: NULL pam handle
    passed
    Mar 12 13:30:42 btshadows sshd[6892]: Failed password for illegal user
    loethe from 172.144.178.191 port 1092
    Mar 12 13:30:45 btshadows sshd[6892]: PAM pam_set_item: NULL pam handle
    passed
    Mar 12 13:30:45 btshadows sshd[6892]: Failed password for illegal user
    loethe from 172.144.178.191 port 1092
    Mar 12 13:30:47 btshadows sshd[6892]: PAM pam_set_item: NULL pam handle
    passed
    Mar 12 13:30:47 btshadows sshd[6892]: Failed password for illegal user
    loethe from 172.144.178.191 port 1092
    Mar 12 13:30:49 btshadows sshd[6892]: PAM pam_set_item: NULL pam handle
    passed
    Mar 12 13:30:49 btshadows sshd[6892]: Failed password for illegal user
    loethe from 172.144.178.191 port 1092

  2. #2

    Re: How am I doing and what are these PAM errors?

    PAM - Pluggable Authentication Modules.

    Someone was trying to log into your ssh server. As the username he used doesn't exist on your system, ssh passed to PAM "null handle". (A "handle", I think is something than should identify the user). PAM responds that the user with a null handle is "illegal" (non-existent), therefore the password fails and PAM refuses to authenticate it. sshd rejects the connection then.

    Nothing to worry about, except that someone was trying to log in.

  3. #3

    Re: How am I doing and what are these PAM errors?

    One more thing - someone was testing your sshd version, probably wanting to exploit the zlib bug recently found. Hope you keep your sshd up to date (or use version 1.x.x).

Similar Threads

  1. Memory errors with XP Pro
    By in forum Windows - General Topics
    Replies: 18
    Last Post: 04-15-2004, 10:02 PM
  2. Errors after killing X
    By trickster in forum Linux - General Topics
    Replies: 1
    Last Post: 05-20-2003, 11:28 PM
  3. 404 Errors
    By trickster in forum General Chat
    Replies: 8
    Last Post: 02-17-2003, 01:08 AM
  4. FAH errors
    By mcdougrs in forum Linux - Software, Applications & Programming
    Replies: 5
    Last Post: 09-07-2002, 05:47 AM
  5. ppp-2.4.1 errors!!
    By Toast0r in forum Linux - General Topics
    Replies: 5
    Last Post: 06-09-2002, 06:07 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •