On Fri, 5 Nov 2004 12:34:38 +1100, Matthew Joyce <[EMAIL PROTECTED]> wrote: > > > Hi, > > I was just checking some logs on a woody box and just want to clarify > something. > > Stuff like this : >
[...] > Nov 3 00:06:25 donate sshd[3666]: Failed password for root from > 61.218.125.178 port 43958 ssh2 > > ..and there are pages and pages of it. > > This is someone trying to login as root right ? > If you look on fulldisclosure mailing list, some time ago more than one noticed password guessing attempt at the ssh daemon, probably there's a script circulating... > I have ssh configured so root cannot login, but I want to show some > stats to management to elevate the need to be security conscious, are > there any packages which will analyse these logs and produce a nice > report, a summary perhaps ? > I don't know about this one. Andrea -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
