subscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi
for a few days now I see in the logs of my firewall (debian/stable)
entries about someone trying to connect to my SSH server with several
users (root, test, mysql, etc..) without success. today I saw an entry
which alarmed me:
Oct 31 14:37:17 coltrane sshd[17927]: Bad protocol version
On Sun, 31 Oct 2004 17:16:48 +0200, Haim Ashkenazi wrote:
[...]
I downloaded and run the latest version (0.44) and the output is ok. also,
I downloaded and run rkhunter and the output is also ok. if it wasn't for
the logs on the server I would be relaxed, but it still bothers me. I have
direct
On Sun, 2004-10-31 at 17:16 +0200, Haim Ashkenazi wrote:
for a few days now I see in the logs of my firewall (debian/stable)
entries about someone trying to connect to my SSH server with several
users (root, test, mysql, etc..) without success. today I saw an entry
which alarmed me:
Oct 31
On Sun, 31 Oct 2004 16:59:12 +0100, Arthur de Jong wrote:
On Sun, 2004-10-31 at 17:16 +0200, Haim Ashkenazi wrote:
for a few days now I see in the logs of my firewall (debian/stable)
entries about someone trying to connect to my SSH server with several
users (root, test, mysql, etc..) without
False alerts or rootkit?
I got a lot of similar (no root among users, but a lot of
admin, administrator etc.) attempts to connect to my ssd(some from
the McGill University in Montreal ... they might have a compromised host
on the ip-s that belonged to the electrical engineering dep. in 1994..
if
I've also received a lot of connection attempts, and it's almost certain
that these attempts were originated from a Brute Force Cracker Utility
See http://www.k-otik.com/exploits/08202004.brutessh2.c.php
Calvin
Emil Perhinschi wrote:
False alerts or rootkit?
I got a lot of similar (no root among
7 matches
Mail list logo
