Hi there,
I found these in my event log from yesterday:
Mar 23 09:33:16 www sshd[10998]: input_userauth_request: illegal user www
Mar 23 09:33:18 www sshd[10998]: Failed none for illegal user www from
213.26.96.103 port 2276 ssh2
Mar 23 09:33:18 www sshd[10998]: Failed keyboard-interactive
It just looks like someone is trying to brute-force an account, I'm
sure there are plenty of places that provide tools for this.
Just make sure you enforce secure passwords, and keep an eye on your
syslog.
On Sun, Mar 24, 2002 at 07:11:25AM -0800, Stephen Hassard wrote:
Hi there,
I found
sorta what I figured, but it was a pretty half assed attempt. :P
on a side note, are these typically worth reporting to the ISP of the
attacker? I tried doing a DNS lookup on the box in question, but it
doesn't seem to have an FDQN registered. What's the best way to figure
out the admin for a
Hi,
To find out who owns the IP block you can do 'whois -h whois.arin.net ip'.
I don't think reporting it would achieve anything, just a friendly
warning from the ISP to the user in question.
On Sun, Mar 24, 2002 at 08:01:04AM -0800, Stephen Hassard wrote:
sorta what I figured, but it was a
On Sun, Mar 24, 2002 at 08:01:04AM -0800, Stephen Hassard wrote:
What's the best way to figure out the admin for a subnet from a
machine's IP?
whois the_ip_adress
--
Lionel Mamane
msg06057/pgp0.pgp
Description: PGP signature
I get these all the time.
I've come to expect people to do this. It sucks, but hey,
what can you do. I'm fed up trying to report and chase them down.
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff.
I respect your opinion, but i would hate to
have a new branch of government wasting my
tax dollars. If these types of attacks can
be stopped on the software side, than that
be much more effective than
[resources about cryptography blah blah]
Thank you all for your quick help! Now I have a bunch of new bookmarks
(I just have to read them.. =P )
CU,
Philippe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
You could also TCP Wrap the services.
That drops the BS quite a bit. :)
-Anne
On Sun, Mar 24, 2002 at 11:44:26AM -0500, Gary MacDougall wrote:
I get these all the time.
I've come to expect people to do this. It sucks, but hey,
what can you do. I'm fed up trying to report and chase them
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker is from a other country?
You cannot just bomb 'em for terrorist
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker is from a other country?
You cannot just bomb 'em for
Feeding the trolls in this pen is inadvisable.
--
Martin Wheeler [EMAIL PROTECTED] gpg key 01269BEB @ the.earth.li
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Sun, Mar 24, 2002 at 12:28:17PM -0500, timothy bauscher wrote:
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff.
I respect your opinion, but i would hate to
have a new branch of government wasting my
tax dollars. If these types of attacks can
be
On Sun, Mar 24, 2002 at 07:24:18PM +0100, andreas mayer wrote:
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. ?I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker
In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes:
What's the best way to figure
out the admin for a subnet from a machine's IP?
As others have pointed out, whois is the normal tool to do it, but
they forgot to mention the complexities you get with servers pointing
to each other and
On Fri, 23 Mar 2001 13:50:54 +0100, Philippe Seidel
[EMAIL PROTECTED] was runoured to have said:
Hi all,
As you are the only security-related list I'm subscribed to and
cryptography has something to do with security, I'm directing this
question to this list.
I want to inform myself
Hi there,
I found these in my event log from yesterday:
Mar 23 09:33:16 www sshd[10998]: input_userauth_request: illegal user www
Mar 23 09:33:18 www sshd[10998]: Failed none for illegal user www from
213.26.96.103 port 2276 ssh2
Mar 23 09:33:18 www sshd[10998]: Failed keyboard-interactive
It just looks like someone is trying to brute-force an account, I'm
sure there are plenty of places that provide tools for this.
Just make sure you enforce secure passwords, and keep an eye on your
syslog.
On Sun, Mar 24, 2002 at 07:11:25AM -0800, Stephen Hassard wrote:
Hi there,
I found
sorta what I figured, but it was a pretty half assed attempt. :P
on a side note, are these typically worth reporting to the ISP of the
attacker? I tried doing a DNS lookup on the box in question, but it
doesn't seem to have an FDQN registered. What's the best way to figure
out the admin for a
Hi,
To find out who owns the IP block you can do 'whois -h whois.arin.net ip'.
I don't think reporting it would achieve anything, just a friendly
warning from the ISP to the user in question.
On Sun, Mar 24, 2002 at 08:01:04AM -0800, Stephen Hassard wrote:
sorta what I figured, but it was a
I get these all the time.
I've come to expect people to do this. It sucks, but hey,
what can you do. I'm fed up trying to report and chase them down.
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to
On Sun, Mar 24, 2002 at 11:44:26AM -0500, Gary MacDougall wrote:
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Sure, but this particular attempt
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff.
I respect your opinion, but i would hate to
have a new branch of government wasting my
tax dollars. If these types of attacks can
be stopped on the software side, than that
be much more effective than
[resources about cryptography blah blah]
Thank you all for your quick help! Now I have a bunch of new bookmarks
(I just have to read them.. =P )
CU,
Philippe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
You could also TCP Wrap the services.
That drops the BS quite a bit. :)
-Anne
On Sun, Mar 24, 2002 at 11:44:26AM -0500, Gary MacDougall wrote:
I get these all the time.
I've come to expect people to do this. It sucks, but hey,
what can you do. I'm fed up trying to report and chase them
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker is from a other country?
You cannot just bomb 'em for terrorist
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker is from a other country?
You cannot just bomb 'em for terrorist
Feeding the trolls in this pen is inadvisable.
--
Martin Wheeler [EMAIL PROTECTED] gpg key 01269BEB @ the.earth.li
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Sun, Mar 24, 2002 at 12:28:17PM -0500, timothy bauscher wrote:
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff.
I respect your opinion, but i would hate to
have a new branch of government wasting my
tax dollars. If these types of attacks can
be
On Sun, Mar 24, 2002 at 07:24:18PM +0100, andreas mayer wrote:
We seriouslly need a US branch of the law-enforcement to deal
with this sort of stuff. ?I think if more people got prosecuted for
trying to crack into a site, the level of BS would drop to zero.
Yeah! And what if the attacker
30 matches
Mail list logo