<quote quem="Erick"> > Boa noite pessoal, > instalei um servidor ssh ha algum tempo no PC de casa, e percebi > algumas entradas no /var/log/auth.log como essas: > > Nov 25 14:24:47 localhost sshd[2611]: Illegal user test from 82.77.21.170 > Nov 25 14:25:39 localhost sshd[2642]: Illegal user tester from > 82.77.21.170 > Nov 25 14:26:32 localhost sshd[2672]: Illegal user testing from > 82.77.21.170 > Nov 25 14:27:17 localhost sshd[2704]: Illegal user guest from 82.77.21.170 > Nov 25 14:28:00 localhost sshd[2732]: Illegal user account from > 82.77.21.170 > Nov 27 01:32:44 localhost sshd[1583]: Illegal user a from 69.164.235.110 > Nov 27 01:32:47 localhost sshd[1586]: Illegal user b from 69.164.235.110 > Nov 27 01:32:49 localhost sshd[1589]: Illegal user c from 69.164.235.110 > Dec 4 20:29:36 localhost sshd[1624]: Illegal user demo from > 211.100.33.142 > Dec 4 20:30:30 localhost sshd[1646]: Illegal user admin from > 211.100.33.142 > Dec 4 20:31:49 localhost sshd[1678]: Illegal user student from > 211.100.33.142 > Dec 20 13:43:46 localhost sshd[2353]: Illegal user clark from > 200.162.80.236 > > Isso me parece aqueles programinhas que varrem a Internet atras de portas > abertas > e depois tentam um ataque de brute-force. Minha duvida é se eu deveria me > preocupar com isso. > Trocar a porta padrao [22] diminui ou evita totalmente esse tipo de ataque > 'ás cegas' ? >
Veja: http://www.dicas-l.com.br/dicas-l/20050113.php Fabio. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
