Web Hosting Talk

Are We Hacked


joubarani
01-02-2003, 05:42 PM
Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jan 2 23:07:33 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: External command run for host: 61.145.231.44 using command: "/etc/portsentry/port.alert 61.145.231.44 515"
Jan 2 23:07:34 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: Host: 61.145.231.44/61.145.231.44 is already blocked Ignoring
Jan 2 23:07:34 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: Host: 61.145.231.44/61.145.231.44 is already blocked Ignoring

Security Violations
=-=-=-=-=-=-=-=-=-=
Jan 2 23:07:33 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: External command run for host: 61.145.231.44 using command: "/etc/portsentry/port.alert 61.145.231.44 515"
Jan 2 23:07:34 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: Host: 61.145.231.44/61.145.231.44 is already blocked Ignoring
Jan 2 23:07:34 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: Host: 61.145.231.44/61.145.231.44 is already blocked Ignoring
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.xx2) failed: 1
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.x3) failed: 1
Jan 2 23:01:09 server sendmail[28417]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:01:09 server sendmail[28417]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:01:09 server sendmail[28417]: gethostbyaddr(xxx.xx.xxx.xx2) failed: 1
Jan 2 23:01:09 server sendmail[28417]: gethostbyaddr(xxx.xx.xxx.x3) failed: 1
Jan 2 23:01:39 server sendmail[28661]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:01:39 server sendmail[28661]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:01:39 server sendmail[28661]: gethostbyaddr(xxx.xx.xxx.xx2) failed: 1
Jan 2 23:01:40 server sendmail[28661]: gethostbyaddr(xxx.xx.xxx.x3) failed: 1
Jan 2 23:02:03 server sendmail[28910]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:02:03 server sendmail[28910]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:02:03 server sendmail[28910]: gethostbyaddr(xxx.xx.xxx.xx2) failed: 1
Jan 2 23:02:03 server sendmail[28910]: gethostbyaddr(xxx.xx.xxx.x3) failed: 1
Jan 2 23:02:10 server sendmail[29045]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:02:10 server sendmail[29045]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:15:47 server sendmail[2281]: h02LFkG02281: ruleset=check_relay, arg1=teleport6.azoogle.com, arg2=66.197.170.9, relay=teleport6.azoogle.com [66.197.170.9], reject=550 5.0.0 Mail rejected due to possible SPAM
Jan 2 23:15:48 server sendmail[2281]: NOQUEUE: teleport6.azoogle.com [66.197.170.9] did not issue MAIL/EXPN/VRFY/ETRN during

Kindly Help :confused:

eddy2099
01-02-2003, 05:45 PM
Looks like you are under attack, but Portsentry is doing its job in preventing any of those attacks. As it is, you are quite safe. Just monitor the condition over the next few days.

cbtrussell
01-02-2003, 07:22 PM
Edwin is right, you're fine for now. Keep an eye on it though. The gethostbyaddr warnings are completely separate; they indicate you don't have reverse lookups (PTRs) defined for each of those IPs. Set up 1 PTR per IP (or have your upstream do it, if they don't delegate reverse authority).

Brandon
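As an added example (not code from any poster in this thread), here is a small Python triage script that separates the three kinds of lines mixed together in the quoted report: the portsentry scan alerts and whether the scanning host was actually blocked (eddy2099's point), the sendmail gethostbyaddr failures that cbtrussell explains are missing PTR records rather than an attack, and the check_relay rejection. The sample log embedded in it is constructed from the lines in the first post (the masked sendmail addresses are kept masked); the function and field names are my own and not part of portsentry, sendmail or logcheck.

```python
import re
from collections import Counter

# Constructed sample input in the same syslog format as the report quoted in the
# first post. The scanner address is the one shown there; the sendmail addresses
# stay masked exactly as the poster masked them.
SAMPLE_LOG = """\
Jan 2 23:07:33 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: External command run for host: 61.145.231.44 using command: "/etc/portsentry/port.alert 61.145.231.44 515"
Jan 2 23:07:34 server portsentry[18245]: attackalert: TCP SYN/Normal scan from host: 61.145.231.44/61.145.231.44 to TCP port: 515
Jan 2 23:07:34 server portsentry[18245]: attackalert: Host: 61.145.231.44/61.145.231.44 is already blocked Ignoring
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:01:03 server sendmail[28044]: gethostbyaddr(xxx.xx.xxx.xx1) failed: 1
Jan 2 23:01:09 server sendmail[28417]: gethostbyaddr(xxx.xx.xxx.xxx) failed: 1
Jan 2 23:15:47 server sendmail[2281]: h02LFkG02281: ruleset=check_relay, arg1=teleport6.azoogle.com, arg2=66.197.170.9, relay=teleport6.azoogle.com [66.197.170.9], reject=550 5.0.0 Mail rejected due to possible SPAM
"""

# One pattern per message type that appears in the report.
SCAN_RE = re.compile(
    r"portsentry\[\d+\]: attackalert: (TCP|UDP) (\S+) scan from host: "
    r"(\S+)/(\S+) to (?:TCP|UDP) port: (\d+)"
)
BLOCK_RE = re.compile(
    r'portsentry\[\d+\]: attackalert: External command run for host: (\S+) '
    r'using command: "([^"]*)"'
)
IGNORE_RE = re.compile(r"portsentry\[\d+\]: attackalert: Host: (\S+)/\S+ is already blocked")
PTR_RE = re.compile(r"sendmail\[\d+\]: gethostbyaddr\(([^)]+)\) failed: (\d+)")
REJECT_RE = re.compile(
    r"sendmail\[\d+\]: \S+: ruleset=(\w+), .*?relay=(\S+) \[([^\]]+)\], reject=(\d{3})"
)


def parse_report(text):
    """Split a logcheck-style report into the separate things it mixes together."""
    summary = {
        "scans": Counter(),         # (source host, port) -> probes seen
        "blocked": {},              # source host -> block command portsentry ran
        "ignored": Counter(),       # source host -> probes dropped as already blocked
        "ptr_failures": Counter(),  # address -> gethostbyaddr failures (no PTR record)
        "rejects": [],              # (ruleset, relay name, relay ip, smtp reply code)
    }
    for line in text.splitlines():
        if m := SCAN_RE.search(line):
            _proto, _kind, host, _, port = m.groups()
            summary["scans"][(host, int(port))] += 1
        elif m := BLOCK_RE.search(line):
            host, cmd = m.groups()
            summary["blocked"][host] = cmd
        elif m := IGNORE_RE.search(line):
            summary["ignored"][m.group(1)] += 1
        elif m := PTR_RE.search(line):
            summary["ptr_failures"][m.group(1)] += 1
        elif m := REJECT_RE.search(line):
            summary["rejects"].append(m.groups())
    return summary


def is_contained(summary):
    """True when every host that scanned us was blocked by portsentry."""
    return all(host in summary["blocked"] for host, _ in summary["scans"])


def triage(summary):
    """Turn the counters into findings with a plain-language note for each."""
    findings = []
    for (host, port), n in sorted(summary["scans"].items()):
        blocked = host in summary["blocked"]
        findings.append({
            "type": "scan", "host": host, "port": port, "probes": n, "contained": blocked,
            "note": ("portsentry blocked the host; later probes show up as 'already blocked' "
                     "and never reached a service") if blocked
                    else "host was NOT blocked; check what is listening on this port",
        })
    if summary["ptr_failures"]:
        findings.append({
            "type": "missing_ptr", "addresses": sorted(summary["ptr_failures"]),
            "note": "not an attack: sendmail could not reverse-resolve these addresses; "
                    "add one PTR record per IP (or ask the upstream to)",
        })
    for ruleset, relay, ip, code in summary["rejects"]:
        findings.append({"type": "smtp_reject", "relay": relay, "ip": ip, "code": code,
                         "note": f"{ruleset} rejected the message; sendmail working as configured"})
    return findings


if __name__ == "__main__":
    s = parse_report(SAMPLE_LOG)
    print("all scanners blocked:", is_contained(s))
    for f in triage(s):
        print(f)
```

Run it as-is to see the three findings for the sample; point `parse_report` at the text of a real logcheck mail to triage that instead. The useful signal is the `contained` flag: a scan whose source never produced an "External command run" line means portsentry did not block it, and that is the case worth looking into.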

joubarani
01-03-2003, 01:10 PM
Do you mean PTR from the Server Management > Control Panel > Domain Name System (DNS) Server > Parameters > Add > Reverse Address (PTR) Record?