rs-freddo

Well-Known Member
May 13, 2003
834
1
168
Australia
cPanel Access Level
Root Administrator
Noticed this in logwatch this morning:
**Unmatched Entries**
Command stream end of file, while reading line user=??? host=[61.176.218.34]: 8 Time(s)
Logout user=??? domain=??? host=UNKNOWN: 9 Time(s)
Logout user=access domain=??? host=[61.176.218.34]: 1 Time(s)
Logout user=account domain=??? host=[61.176.218.34]: 2 Time(s)
Logout user=admin domain=??? host=[61.176.218.34]: 2 Time(s)
Logout user=backup domain=??? host=[61.176.218.34]: 1 Time(s)
Logout user=root domain=??? host=[61.176.218.34]: 3 Time(s)
Logout user=sybase domain=??? host=[61.176.218.34]: 1 Time(s)
Logout user=user domain=??? host=[61.176.218.34]: 3 Time(s)
Logout user=web domain=??? host=[61.176.218.34]: 1 Time(s)
Logout user=webmaster domain=??? host=[61.176.218.34]: 1 Time(s)
The interesting part is that this is a command stream. I take it that the person was using the logout system in cpanel to try and hack in.

Anybody else notice this sort of activity?