Salut tuturor ! Din neglijenta, am lasat ALL:ALL in wrapper-ele unei masini cu sshd la interfata publica, de atunci gasesc log-urile pline: -- May 30 14:45:08 ftp sshd[24665]: Invalid user oracle from 209.51.140.132 May 30 14:45:08 ftp sshd[24665]: Failed password for invalid user oracle from 209.51.140.132 port 53357 ssh2 May 31 22:17:45 ftp sshd[25617]: Failed password for root from 216.227.212.227 port 47863 ssh2 May 31 22:17:45 ftp sshd[25617]: reverse mapping checking getaddrinfo for dm00030.lunarpages.com failed - POSSIBLE BREAKIN ATTEMPT! n 2 23:59:52 ftp sshd[2436]: Invalid user irak from 70.87.55.194 Jun 2 23:59:53 ftp sshd[2436]: Failed password for invalid user irak from 70.87.55.194 port 51110 ssh2 Jun 2 23:59:53 ftp sshd[2445]: Invalid user lisabona from 70.87.55.194 Jun 2 23:59:53 ftp sshd[2448]: Invalid user tiasa from 70.87.55.194 Jun 2 23:59:53 ftp sshd[2445]: Failed password for invalid user lisabona from 70.87.55.194 port 51279 ssh2 Jun 2 23:59:53 ftp sshd[2448]: Failed password for invalid user tiasa from 70.87.55.194 port 51283 ssh2 Jun 3 01:11:14 ftp sshd[25292]: Failed password for root from 211.12.244.193 port 35802 ssh2 Jun 3 01:11:18 ftp sshd[25296]: Failed password for root from 211.12.244.193 port 35883 ssh2 Jun 3 01:11:23 ftp sshd[25300]: Failed password for root from 211.12.244.193 port 35965 ssh2 Jun 3 01:11:33 ftp sshd[25304]: Failed password for root from 211.12.244.193 port 36045 ssh2 -- O caciula (mare) de incercari la sshd, unele insistente (30-40 min). Este asta un trafic de mizerii obisnuit la casa omului intr-o zi normala? Ca daca da, ma gandesc serios sa dublez tcpd cu DROP chiar daca aduce a paranoia. Pana la experienta asta, rutina era 5-15 conexiuni respinse pe zi. Mihai
_______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
