possible hacking weird things in syslog


fagostini

Recommended Posts

Hello i have been noticing some weird things in my syslog recently and i am worried i might have been hacked. 

 

 

Mar 22 05:24:16 Gargantua smbd[78925]: [2021/03/22 05:24:16.388691,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 05:24:16 Gargantua smbd[78925]:   reply_trans: invalid trans parameters
Mar 22 06:12:01 Gargantua smbd[94749]: [2021/03/22 06:12:01.206465,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 06:12:01 Gargantua smbd[94749]:   reply_trans: invalid trans parameters
Mar 22 07:57:02 Gargantua smbd[130452]: [2021/03/22 07:57:02.480366,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 07:57:02 Gargantua smbd[130452]:   reply_trans: invalid trans parameters
Mar 22 08:00:37 Gargantua smbd[862]: [2021/03/22 08:00:37.197682,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 08:00:37 Gargantua smbd[862]:   reply_trans: invalid trans parameters
Mar 22 09:55:46 Gargantua vsftpd[39340]: connect from 192.241.229.40 (192.241.229.40)
Mar 22 10:47:08 Gargantua rpcbind[56376]: connect from 147.203.255.20 to dump()
Mar 22 11:39:25 Gargantua vsftpd[73482]: connect from 104.206.128.14 (104.206.128.14)
Mar 22 11:45:55 Gargantua vsftpd[75646]: connect from 104.206.128.34 (104.206.128.34)
Mar 22 12:24:44 Gargantua rpcbind[88532]: connect from 178.79.177.180 to dump()
Mar 22 12:40:33 Gargantua smbd[93735]: [2021/03/22 12:40:33.433770,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 12:40:33 Gargantua smbd[93735]:   reply_trans: invalid trans parameters
Mar 22 13:44:59 Gargantua rpcbind[115137]: connect from 192.241.222.139 to dump()
Mar 22 14:06:32 Gargantua smbd[122228]: [2021/03/22 14:06:32.453344,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 14:06:32 Gargantua smbd[122228]:   reply_trans: invalid trans parameters
Mar 22 16:24:30 Gargantua smbd[37268]: [2021/03/22 16:24:30.999049,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 16:24:30 Gargantua smbd[37268]:   reply_trans: invalid trans parameters
Mar 22 16:26:16 Gargantua smbd[37856]: [2021/03/22 16:26:16.483063,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 16:26:16 Gargantua smbd[37856]:   reply_trans: invalid trans parameters
Mar 22 19:21:44 Gargantua smbd[96285]: [2021/03/22 19:21:44.027448,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 19:21:44 Gargantua smbd[96285]:   reply_trans: invalid trans parameters
Mar 22 19:34:58 Gargantua smbd[100588]: [2021/03/22 19:34:58.929134,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 19:34:58 Gargantua smbd[100588]:   reply_trans: invalid trans parameters
Mar 22 19:50:20 Gargantua smbd[105914]: [2021/03/22 19:50:20.334158,  0] ../../source3/smbd/process.c:341(read_packet_remainder)
Mar 22 19:50:20 Gargantua smbd[105914]:   read_fd_with_timeout failed for client 23.90.145.51 read error = NT_STATUS_END_OF_FILE.
Mar 22 20:07:32 Gargantua kernel: svc: svc_tcp_read_marker nfsd RPC fragment too large: 1195725856
Mar 22 21:38:25 Gargantua smbd[11326]: [2021/03/22 21:38:25.309615,  0] ../../source3/smbd/ipc.c:843(reply_trans)
Mar 22 21:38:25 Gargantua smbd[11326]:   reply_trans: invalid trans parameters

 

 

edit: i have changed the root password in the web ui

Edited by fagostini
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.