|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
SSH probes?
From: Devdas Bhagat (devdas
dvb.homelinux.org)
Date: Sun May 09 2004 - 11:34:30 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I got about 61 of these in my logs before I turned sshd off. This looks
like a brute force attempt at getting a login.
May 9 21:35:03 evita sshd(pam_unix)[16332]: authentication failure;
logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=211.216.53.20 user=ftp
May 9 21:35:10 evita sshd(pam_unix)[16374]: check pass; user unknown
May 9 21:35:10 evita sshd(pam_unix)[16374]: authentication failure;
logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=211.216.53.20
May 9 21:35:16 evita sshd(pam_unix)[16375]: check pass; user unknown
Anyone else seeing events like this?
The box is patched, up to date and still uncompromised. Timezone is
UTC +0530 and synchronised to ntp.
Devdas Bhagat
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]