On 2005-05-02, Robert S penned:
>
>> - never use the same email addy ( john ) as your any of your
>> loginID ( john ) .. one of it should be "jsmith" or some other
>> non-guessible loginid ... and aliase [EMAIL PROTECTED] in your
>> /etc/alias files back to j1z3k5 so that j1z3k5 can
>> read/del
> - sniff any/all of the emails and follow that email into the server
> and try to guess their passwords
I'm particularly concerned that spammers can find out valid email accounts
on our system. From what you say it looks as if that's unavoidable unless I
take elaborate precautions.
Currently
On Mon, 2 May 2005, Robert S wrote:
> There seem to be bursts of this sort of activity every day or two, from
> different addresses.
good .. consider it a free server audit by script kiddies
> What concerns me is that the attackers seem to be able to retrieve the names
> of users on my system
Today I found hundreds of the following in my /var/log/auth.log:
May 2 08:12:01 debian sshd[16918]: Could not reverse map address
64.132.35.43.
May 2 08:12:04 debian sshd[16920]: Could not reverse map address
64.132.35.43.
May 2 08:12:06 debian sshd[16922]: Could not reverse map address
64.1
4 matches
Mail list logo
