Hi all,
While watching the log at /var/log/messages on a Centos 4.x box I keep seeing this come up
Jul 18 09:38:40 ws096 PAM_pwdb[708]: check pass; user unknown
From what I understand this might be a ssh attack or am I wrong here?
The bad thing is that it does not show an IP address its coming so I could block it. Anybody run into this before and found a solution?
Thanks!