Future timestamps in /var/log/secure

Wade Peacock wade.peacock at sunwave.net
Fri Feb 26 18:20:00 UTC 2010


I found a while ago in /var/log/secure that for an invalid ssh login attempt the ssh Bye Bye line is in the future. I have searched the web and cannot find a reason for the future time in the log.

Here is a sample. Repeated lines are shown once in the first part.

grep "210.212.145.152" /var/log/secure

Feb 26 09:43:13 mx sshd[18117]: Did not receive identification string from 210.212.145.152
Feb 26 09:50:33 mx sshd[19100]: Invalid user 0admin from 210.212.145.152
Feb 26 09:50:36 mx sshd[19106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.145.152
Feb 26 09:50:38 mx sshd[19102]: Failed password for invalid user 0admin from 210.212.145.152 port 39902 ssh2
Feb 26 17:50:38 mx sshd[19113]: Received disconnect from 210.212.145.152: 11: Bye Bye

grep -A1 -B1 "sshd\[19118\]: Received disconnect from 210.212.145.152: 11: Bye Bye" /var/log/secure

Feb 26 17:50:38 mx sshd[19115]: Received disconnect from 210.212.145.152: 11: Bye Bye
Feb 26 17:50:38 mx sshd[19118]: Received disconnect from 210.212.145.152: 11: Bye Bye
Feb 26 09:52:39 mx proftpd[17297]: mx.example.com (208.xxx.xxx.xxx[208.xxx.xxx.xxx]) - FTP no transfer timeout, disconnected

Can anyone explain the future time stamp on the Bye Bye lines?

OS is CentOS 5.4, FYI

-- 
Wade Peacock
Network Administrator

Sun Country Cablevision Ltd
Sunwave Internet Department
Tel: (250) 832-9711 or (250) 546-9667
Web: http://www.sunwave.net
Email: wade.peacock at sunwave.net
Support Email: support at sunwave.net
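
A check for the pattern reported above, as an added example that is not part of the original post: it scans a syslog-format file for lines stamped later than lines written after them and reports how far ahead each one is. The function names, the 60-second tolerance and the assumed year (syslog timestamps omit it) are choices made for this example.

```python
import re
from datetime import datetime, timedelta

# Sample assembled from the two grep outputs in the post (wrapped lines rejoined).
SAMPLE = """\
Feb 26 09:43:13 mx sshd[18117]: Did not receive identification string from 210.212.145.152
Feb 26 09:50:33 mx sshd[19100]: Invalid user 0admin from 210.212.145.152
Feb 26 09:50:36 mx sshd[19106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.145.152
Feb 26 09:50:38 mx sshd[19102]: Failed password for invalid user 0admin from 210.212.145.152 port 39902 ssh2
Feb 26 17:50:38 mx sshd[19113]: Received disconnect from 210.212.145.152: 11: Bye Bye
Feb 26 17:50:38 mx sshd[19115]: Received disconnect from 210.212.145.152: 11: Bye Bye
Feb 26 17:50:38 mx sshd[19118]: Received disconnect from 210.212.145.152: 11: Bye Bye
Feb 26 09:52:39 mx proftpd[17297]: mx.example.com (208.xxx.xxx.xxx[208.xxx.xxx.xxx]) - FTP no transfer timeout, disconnected
"""

LINE_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ ([^\[:\s]+)(?:\[(\d+)\])?: ")

def parse(text, year=2010):
    """Return [(timestamp, program, pid)]; syslog omits the year, so it is assumed."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            rows.append((ts, m.group(2), m.group(3)))
    return rows

def future_lines(rows, tolerance=timedelta(seconds=60)):
    """Flag rows stamped later than a row written after them in the file.
    Offset is measured against the last unflagged row before the flagged one."""
    earliest_later = [datetime.max] * (len(rows) + 1)
    for i in range(len(rows) - 1, -1, -1):
        earliest_later[i] = min(rows[i][0], earliest_later[i + 1])
    flagged, baseline = [], None
    for i, (ts, prog, pid) in enumerate(rows):
        if ts - earliest_later[i + 1] > tolerance:
            flagged.append((prog, pid, ts - baseline if baseline else None))
        else:
            baseline = ts
    return flagged

if __name__ == "__main__":
    for prog, pid, offset in future_lines(parse(SAMPLE)):
        whole = offset is not None and offset.total_seconds() % 3600 == 0
        print(f"{prog}[{pid}] ahead by {offset}" + (" (whole hours)" if whole else ""))
```

An offset that is an exact number of hours is worth comparing against the host's UTC offset before suspecting clock drift or log tampering.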



