On Thursday 06 July 2006 03:46, Scott Taylor wrote: > Hello all, > > I have a CentOS 4.2 server that gives me these error messages in my > /var/log/secure file, I realise that these are SSH attacks, but where does > the extra line "Could not get shadow information for NOUSER" come from? > This doesn't make any sense. I have many servers running CentOS 4.2, but > don't get this error message on any others. I hate junk in my logs. Is > there any way to get rid of it? > > Invalid user guest from ::ffff:210.210.4.60 > error: Could not get shadow information for NOUSER > Failed password for invalid user guest from ::ffff:210.210.4.60 port 55073 > ssh2 It's a response from the server itself when some script kiddies try to logon to your server using a non existent username. CMIIW, -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 09:47:52 up 1:14, 2.6.17-1.2139_FC5 GNU/Linux Let's use OpenOffice. http://www.openoffice.org