Thread: Access Violation
View Single Post
  #1 (permalink)  
Old 2008-02-11
avilT avilT is offline
Member
  
Join Date: 2006-03-14
Posts: 99
Rep Power: 3
avilT has an average reputation (10+)
Default Access Violation
I am running Checkoint NGFP3 pn Nokia IP 350.
I am getting the below log on syslog server, what is the meaning of this log? Is someone trying to get access of the firewall? How can I trace the source IP?
-------------------------------------------------------------------------
Feb 9 09:28:39 FW02 [LOG_ERR] PAM_unix[542]: bad username [*** W A ]
Feb 9 09:28:39 FW02 [LOG_ERR] PAM_unix[542]: bad username [ |]
Feb 9 09:28:39 FW02 [LOG_ERR] PAM_unix[542]: bad username [| ]
Feb 9 09:28:39 FW02 [LOG_ERR] PAM_unix[542]: bad username [| This ]
Feb 9 09:28:44 FW02 [LOG_ERR] PAM_unix[542]: bad username [| to au]
Feb 9 09:28:54 FW02 [LOG_ERR] PAM_unix[542]: bad username [| attem]
Feb 9 09:29:09 FW02 [LOG_ERR] PAM_unix[542]: bad username [| respo]
Feb 9 09:29:29 FW02 [LOG_ERR] PAM_unix[542]: bad username [| If yo]
Feb 9 09:29:54 FW02 [LOG_ERR] PAM_unix[542]: bad username [| ]
Feb 9 09:30:24 FW02 [LOG_ERR] PAM_unix[542]: bad username [+-------]
Feb 9 09:30:24 FW02 [LOG_NOTICE] PAM_unix[542]: 1 LOGIN FAILURE ON ttyd0
Feb 9 09:30:24 FW02 [LOG_NOTICE] PAM_unix[542]: 1 LOGIN FAILURE ON ttyd0, +-------
Feb 9 09:30:29 FW02 [LOG_ERR] PAM_unix[10347]: bad username [$G^G^G^G]
Feb 9 09:31:02 FW02 [LOG_ALERT] PAM_unix[10347]: check pass; user unknown
Feb 9 09:31:02 FW02 [LOG_NOTICE] PAM_unix[10347]: authentication failure; root(uid=0) -> G^G^G^G^ for login service
Feb 9 09:31:04 FW02 [LOG_ERR] PAM_unix[10347]: auth_pam: Authentication service cannot retrieve authentication info.
Feb 9 09:31:15 FW02 [LOG_ALERT] PAM_unix[10347]: check pass; user unknown
Feb 9 09:31:15 FW02 [LOG_NOTICE] PAM_unix[10347]: authentication failure; root(uid=0) -> n failed for login service
Feb 9 09:31:16 FW02 [LOG_ERR] PAM_unix[10347]: auth_pam: Authentication service cannot retrieve authentication info.
Feb 9 09:31:18 FW02 [LOG_ALERT] PAM_unix[10347]: check pass; user unknown
Feb 9 09:31:18 FW02 [LOG_NOTICE] PAM_unix[10347]: authentication failure; root(uid=0) -> Verifica for login service
Feb 9 09:31:20 FW02 [LOG_ERR] PAM_unix[10347]: auth_pam: Authentication service cannot retrieve authentication info.
Feb 9 09:31:33 FW02 [LOG_ALERT] PAM_unix[10347]: check pass; user unknown
Feb 9 09:31:33 FW02 [LOG_NOTICE] PAM_unix[10347]: authentication failure; root(uid=0) -> n failed for login service
Feb 9 09:31:35 FW02 [LOG_ERR] PAM_unix[10347]: auth_pam: Authentication service cannot retrieve authentication info.
Feb 9 09:31:46 FW02 [LOG_ERR] PAM_unix[10347]: bad username [ failed.]
Reply With Quote