lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <200408031020.44086.dlhtux@sbcglobal.net>
From: dlhtux at sbcglobal.net (David Hane)
Subject: scanning IP Address List

Hey all,

I know everyone has been talking about failed ssh logins using default 
usernames. I've also started seeing a lot of SSH version scanning and failed 
connections to my mail servers. The funny thing is, I have servers in 
different IP ranges located throughout the country yet some of the offending 
IP addresses are the same.

Has anyone else seen a noticeable increase in these other types of "hacks"? 
More specifically are these IP addresses hitting anyone else out there?

Log samples:

222.183.140.102 - did not issue MAIL/EXPN/VRFY/ETRN during connection to 
MTA-v4
65.119.27.221 - sshd Timeout before authentication
147.46.40.65 - SSH-1.0-SSH_Version_Mapper scan
204.211.2.57 - Illegal user test

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ