On Sat, 2005-01-29 at 09:44 -0600, Steve Suehring wrote:
> Could it be this?
>
> http://lists.sans.org/pipermail/intrusions/2004-August/008357.html
>
> You didn't specify which usernames were being used, so it's tough to
> tell if that's the same.
There seems to be two sets, one is half a dozen attempts at {test,
guest, admin, user} and the other is one attempt at people's names in an
alphabetical order.
>
> A couple of simple and quick things that I might do if this was a
> concern:
Thanks, I'll look into them when get into work. Apart from securing my
boxes I'm also wondering if there's any way to track where the attacks
are originating from (or even what to ask people to check their machines
for (eg executable names etc) - there's some hints in that URL that I'll
begin with.
Michael
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
