lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2147483647.1090788581@[192.168.2.102]>
From: pauls at utdallas.edu (Paul Schmehl)
Subject: Automated SSH login attempts?

--On Thursday, July 22, 2004 10:47 AM -0400 Jay Libove <libove@...ines.org> 
wrote:
>
> Here are some log entries from my system:
>
> Jul 15 10:01:34 panther6 sshd[8267]: Illegal user test from 62.67.45.4
> Jul 15 10:01:34 panther6 sshd[8267]: Failed password for illegal user

We've been seeing these as well, and in every case we've notified the 
owners, they have mailed us back to let us know that the host had been 
rooted.

You would be doing the owners a big favor by notifying them that their host 
is probably compromised.

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ