|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[VulnDiscuss] Re: [Full-Disclosure] Automated SSH login attempts?
From: Paul Schmehl (pauls
utdallas.edu)
Date: Sun Jul 25 2004 - 20:49:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--On Thursday, July 22, 2004 10:47 AM -0400 Jay Libove <libovefelines.org>
wrote:
>
> Here are some log entries from my system:
>
> Jul 15 10:01:34 panther6 sshd[8267]: Illegal user test from 62.67.45.4
> Jul 15 10:01:34 panther6 sshd[8267]: Failed password for illegal user
We've been seeing these as well, and in every case we've notified the
owners, they have mailed us back to let us know that the host had been
rooted.
You would be doing the owners a big favor by notifying them that their host
is probably compromised.
Paul Schmehl (paulsutdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]