Morning all,
Little back ground. Running CentOS 5.3 fully update. I basically run
this as router and gateway for home network. I have two(2) winblows
machines hooked up. I am running samba for shares. I opened up root's
mail this morning and found this strange little comment :
Connections Denied:
lib/access.c:check_access(327) 58.239.84.158 : 1 Time(s)
smbd/process.c:process_smb(1062) 58.239.84.158 : 1 Time(s)
So I started looking around in /var/log. I looked at my secure logs and
saw nothing out of the ordinary. I looked in samba and found a log file
58.239.84.158.log. I opened it up and it said the following:
[2009/08/15 06:31:34, 0] lib/access.c:check_access(327)
Denied connection from (58.239.84.158)
[2009/08/15 06:31:34, 1] smbd/process.c:process_smb(1062)
Connection denied from 58.239.84.158
There is nothing on this server that I can not replace. Did I just get
hacked? Should I wipe this thing and start over? Any and all advice is
greatly appreciated!!!
Thanks.
Lee Perez