subscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi
for a few days now I see in the logs of my firewall (debian/stable)
entries about someone trying to connect to my SSH server with several
users (root, test, mysql, etc..) without success. today I saw an entry
which alarmed me:
Oct 31 14:37:17 coltrane sshd[17927]: Bad protocol version identific
On Sun, 31 Oct 2004 17:16:48 +0200, Haim Ashkenazi wrote:
[...]
> I downloaded and run the latest version (0.44) and the output is ok. also,
> I downloaded and run rkhunter and the output is also ok. if it wasn't for
> the logs on the server I would be relaxed, but it still bothers me. I have
> dir
On Sun, 2004-10-31 at 17:16 +0200, Haim Ashkenazi wrote:
> for a few days now I see in the logs of my firewall (debian/stable)
> entries about someone trying to connect to my SSH server with several
> users (root, test, mysql, etc..) without success. today I saw an entry
> which alarmed me:
> Oct 3
On Sun, 31 Oct 2004 16:59:12 +0100, Arthur de Jong wrote:
> On Sun, 2004-10-31 at 17:16 +0200, Haim Ashkenazi wrote:
>> for a few days now I see in the logs of my firewall (debian/stable)
>> entries about someone trying to connect to my SSH server with several
>> users (root, test, mysql, etc..) w
False alerts or rootkit?
I got a lot of similar (no root among users, but a lot of
"admin", "administrator" etc.) attempts to connect to my ssd(some from
the McGill University in Montreal ... they might have a compromised host
on the ip-s that belonged to the electrical engineering dep. in 1994..
I've also received a lot of connection attempts, and it's almost certain
that these attempts were originated from a Brute Force Cracker Utility
See http://www.k-otik.com/exploits/08202004.brutessh2.c.php
Calvin
Emil Perhinschi wrote:
False alerts or rootkit?
I got a lot of similar (no root among
ScanMail for Microsoft Exchange took action on the message. The message
details were:
Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED];
Subject = ***SPAM*** Mail Delivery (failure [EMAIL PROTECTED])
Scanning time = 10/31/2004 18:43:51
Engine/Pattern = 7.000-1004/2.226.00
Action taken
8 matches
Mail list logo
