Jesús Genicio escribió: > Hola: > > He instalado un sistema de vigilancia por webcam y motion en unas > casas, y al revisar los log, he visto que me han intentado acceder por > fuerza bruta através de ssh. De la manera: > > Feb 16 15:22:10 DebianTesting sshd[31067]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:13 DebianTesting sshd[31067]: Failed password for invalid > user hakan from 200.31.162.147 port 35498 ssh2 > Feb 16 15:22:17 DebianTesting sshd[31069]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:17 DebianTesting sshd[31069]: Invalid user hakan from > 200.31.162.147 > Feb 16 15:22:17 DebianTesting sshd[31069]: pam_unix(sshd:auth): check > pass; user unknown > Feb 16 15:22:17 DebianTesting sshd[31069]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:19 DebianTesting sshd[31069]: Failed password for invalid > user hakan from 200.31.162.147 port 36854 ssh2 > Feb 16 15:22:22 DebianTesting sshd[31071]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:22 DebianTesting sshd[31071]: Invalid user natasha from > 200.31.162.147 > Feb 16 15:22:22 DebianTesting sshd[31071]: pam_unix(sshd:auth): check > pass; user unknown > Feb 16 15:22:22 DebianTesting sshd[31071]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:24 DebianTesting sshd[31071]: Failed password for invalid > user natasha from 200.31.162.147 port 38201 ssh2 > Feb 16 15:22:27 DebianTesting sshd[31073]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:27 DebianTesting sshd[31073]: Invalid user natasha from > 200.31.162.147 > Feb 16 15:22:27 DebianTesting sshd[31073]: pam_unix(sshd:auth): check > pass; user unknown > Feb 16 15:22:27 DebianTesting sshd[31073]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:29 DebianTesting sshd[31073]: Failed password for invalid > user natasha from 200.31.162.147 port 39787 ssh2 > Feb 16 15:22:32 DebianTesting sshd[31075]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:32 DebianTesting sshd[31075]: Invalid user natasha from > 200.31.162.147 > Feb 16 15:22:32 DebianTesting sshd[31075]: pam_unix(sshd:auth): check > pass; user unknown > Feb 16 15:22:32 DebianTesting sshd[31075]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:33 DebianTesting sshd[31075]: Failed password for invalid > user natasha from 200.31.162.147 port 40764 ssh2 > Feb 16 15:22:35 DebianTesting sshd[31077]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:35 DebianTesting sshd[31077]: Invalid user natasha from > 200.31.162.147 > Feb 16 15:22:35 DebianTesting sshd[31077]: pam_unix(sshd:auth): check > pass; user unknown > Feb 16 15:22:35 DebianTesting sshd[31077]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=200.31.162.147 > Feb 16 15:22:37 DebianTesting sshd[31077]: Failed password for invalid > user natasha from 200.31.162.147 port 41795 ssh2 > Feb 16 15:22:43 DebianTesting sshd[31079]: reverse mapping checking > getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed - > POSSIBLE BREAK-IN ATTEMPT! > Feb 16 15:22:43 DebianTesting sshd[31079]: Invalid user ben from > 200.31.162.147 > Feb 16 15:22:43 DebianTesting sshd[31079]: pam_unix(sshd:auth): check > pass; user unknown > > > Como pdeis ver es desde la ip:200.31.162.147 > > Pues bien, ponedla en un navegador y os da la risa, o al menos a mi me > dio.( no hay riesgo en ello, tranquilos) > > Ya me contareis :) > > S2. > >
hacele la misma, haber si le gusta :D -- Carlos Albornoz C. Linux User #360502 http://carlos.deathlock.org fono: 97864420 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
