我是不是被入侵了?怎么办?
晚上9点多钟,硬盘狂响不停,切换至终端,显示很慢几乎不能用终端登录!只好Powner it!今天是第二次了。说明:Redhat 9.0;个人ADSL上网用户;cornd服务没开;系统安全日志如下;平时用init 3登录;菜鸟一只。Sep 24 17:19:55 localhost sshd: Server listening on 0.0.0.0 port 22.
Sep 24 17:21:20 localhost xinetd: START: sgi_fam pid=2620 from=<no address>
Sep 24 17:25:16 localhost xinetd: START: sgi_fam pid=2752 from=<no address>
Sep 24 19:13:20 localhost xinetd: START: sgi_fam pid=28210 from=<no address>
Sep 24 19:27:39 localhost xinetd: START: sgi_fam pid=28562 from=<no address>
Sep 24 19:30:21 localhost xinetd: START: sgi_fam pid=28860 from=<no address>
Sep 24 19:30:46 localhost sshd: Received signal 15; terminating.
Sep 24 20:17:52 localhost sshd: Server listening on 0.0.0.0 port 22.
Sep 24 20:22:22 localhost sshd: Received signal 15; terminating.
Sep 24 21:22:37 localhost usermod: change user `gdm' shell from `/sbin/nologin' to `/sbin/nologin'
顺便问一下sshd是什么?如果是入侵的话,我调高防火墙(不过好像是最高的),会不会有用?终于应该怎么办?
还有会gnome会出来个正在搜索硬盘...的对话框,无任何内容 没事的,是updatedb,扫描你硬盘文件,方便你find
页:
[1]