[olug] attempted attacks
Eric Lusk
wyrmzr72 at yahoo.com
Tue Mar 8 14:59:57 UTC 2005
Someone has too much time on their hands. They have
to to be trying to log into my server. All of it's
coming from a couple of systems in Asia, one of which
is a web server, or at least they're masquerading as
202.55.229.226, along with a couple of other IP
addresses. The attempted logins as root don't bother
me; even I can't log in remotely as root :) But the
above IP has been trying to guess usernames, and may
have even brought down my internet service for a while
yesterday. Time to implement some tighter measures,
such as changing my ssh server port away from 22.
I doubt the sysadmins or ISPs of any of the attacking
systems are going to do much; in my experience, most
Asian ISPs don't care; some even seem to be
encouraging hackers.
At the least, it's time to modify the users on my
system, using unusual usernames. One of the systems
was going through and trying to guess usernames on the system.
http://www.ericshaus.com
Alcohol and Calculus don't mix. Never drink and derive.
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/
More information about the OLUG
mailing list