I recently installed logcheck on my RH 7.0 systems and have been comforted and possibly entertained by how well it works. However this morning I started getting lengthy messages indicating what appears to be somebody trying to break in via a buffer overrun. I get this... Security Violations =-=-=-=-=-=-=-=-=-= Jun 22 05:17:53 host SERVER[18075]: Dispatch_input: bad request line '..... followed by a lot of binary bytes ending in "/bin/sh" I've ad a couple "spurts" of this already today on two different systems; lasting about 2 minutes and then dissappearing. I'm guessing that whoever is trying this is [so far] being kept out, but I guess I'd like to know what is being hammered on as "SERVER" doesn't provide much help. Any ideas? -- Peter Gutowski <peter@linuxchamps.com> // tel.: (413) 587-3957 "When in company, put not your hands to any part of the body not usually discovered." --George Washington, _Rules for Civility and Decent Behavior_