fending
Against Attacks) has a more detailed explanation.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Paul
Hamilton
Sent: Wednesday, January 25, 2006 10:05 PM
To: 'Daniel Gerzo'; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: auth.log &a
t: Wednesday, 25 January 2006 7:58 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: auth.log & intruder prevention
>
>
> On Tue, Jan 24, 2006 at 10:02:26PM +0100, Ilias Sachpazidis wrote:
> > Hi Everyone,
>
> hello,
>
> >
> >
PROTECTED]
Subject: Re: auth.log & intruder prevention
On Tue, Jan 24, 2006 at 10:02:26PM +0100, Ilias Sachpazidis wrote:
> Hi Everyone,
hello,
>
> In auth.log of my FreeBSD boxes I got many requests to port 22, as you can
> see below.
> begin of snippet
> Jan 22 11
On Tue, Jan 24, 2006 at 10:02:26PM +0100, Ilias Sachpazidis wrote:
> Hi Everyone,
hello,
>
> In auth.log of my FreeBSD boxes I got many requests to port 22, as you can
> see below.
> begin of snippet
> Jan 22 11:21:50 zeus sshd[92900]: Failed password for illegal user cracking
> from 65.2
We are talking about a few users and nobody has a permanent IP.
-IS
-Original Message-
From: Dan O'Connor [mailto:[EMAIL PROTECTED]
Sent: Dienstag, 24. Januar 2006 22:29
To: [EMAIL PROTECTED]
Subject: Re: auth.log & intruder prevention
> I am wondering if any script is
On Wed, 9 Mar 2005, Mark wrote:
Which is curious, as the IP address no longer has a machine on it. Then I
checked, and after a while I suddenly noticed /var/log/auth.log was dated
March 8, 2004! Apparently, the security script just checks the date, but
not the year? Is it supposed to work this way?
Mark <[EMAIL PROTECTED]> writes:
> Is this a stuck key or an attack??
Looks like a stuck key to me. It's on the console, so if it was an
attack, you'd've seen the attacker.
--
Lowell Gilbert, embedded/networking software engineer, Boston area:
resume/CV at http://be-well.ilk.o
