Je pense pas qu'il y ait à s'inquiéter de ces tentatives. Personnellement, j'en ai parfois des pages entières dans les logs. Je pense que c'est simplement des blancs-becs qui utilisent des outils automatiques. Si tu n'es pas convaincu, tu peux faire 2 choses : limiter l'accès SSH de ta machine au réseau local si tu n'as pas besoin d'y accéder à distance, et changer temporairement le port d'écoute par défaut de ton serveur SSH (mais surtout pas le 23 !).
Comendatore. Le Mercredi 23 Mars 2005 11:26, Gwendal Demaille a écrit : > Bonjour, > > Ci-après le contenu de deux logchecks de ce matin. Il me semble qu'il > s'agit de tentatives (infructueuses:) de se loguer sur ma machine via > ssh. > > Quelqu'un peut-il m'indiquer comment je devrais réagir en termes de > sécurisation, identification (commandes) et répression (abuse)? > > > Journal de 5h02: > > Security Events > =-=-=-=-=-=-=-= > Mar 23 04:46:03 GDem3 sshd[11168]: Failed password for illegal user > test from ::ffff:211.176.33.46 port 50152 ssh2 Mar 23 04:46:06 GDem3 > sshd[11174]: Failed password for illegal user guest from > > ::ffff:211.176.33.46 port 50252 ssh2 Mar 23 04:46:08 GDem3 sshd[11176]: > > Illegal user admin from ::ffff:211.176.33.46 Mar 23 04:46:08 GDem3 > sshd[11176]: Failed password for illegal user admin from > > ::ffff:211.176.33.46 port 50344 ssh2 Mar 23 04:46:11 GDem3 sshd[11182]: > > Illegal user admin from ::ffff:211.176.33.46 Mar 23 04:46:11 GDem3 > sshd[11182]: Failed password for illegal user admin from > > ::ffff:211.176.33.46 port 50439 ssh2 Mar 23 04:46:14 GDem3 sshd[11184]: > > Failed password for illegal user user from ::ffff:211.176.33.46 port > 50526 ssh2 Mar 23 04:46:17 GDem3 sshd[11190]: Failed password for root > from ::ffff:211.176.33.46 port 50618 ssh2 Mar 23 04:46:20 GDem3 > sshd[11192]: Failed password for root from ::ffff:211.176.33.46 port > 50711 ssh2 Mar 23 04:46:23 GDem3 sshd[11199]: Failed password for root > from ::ffff:211.176.33.46 port 50797 ssh2 Mar 23 04:46:26 GDem3 > sshd[11201]: Failed password for illegal user test from > > ::ffff:211.176.33.46 port 50890 ssh2 > > System Events > =-=-=-=-=-=-= > Mar 23 04:46:03 GDem3 sshd[11168]: Illegal user test from > > ::ffff:211.176.33.46 Mar 23 04:46:03 GDem3 sshd[11168]: error: Could not > > get shadow information for NOUSER Mar 23 04:46:06 GDem3 sshd[11174]: > Illegal user guest from ::ffff:211.176.33.46 Mar 23 04:46:06 GDem3 > sshd[11174]: error: Could not get shadow information for NOUSER Mar 23 > 04:46:08 GDem3 sshd[11176]: error: Could not get shadow information for > NOUSER Mar 23 04:46:11 GDem3 sshd[11182]: error: Could not get shadow > information for NOUSER Mar 23 04:46:14 GDem3 sshd[11184]: Illegal user > user from ::ffff:211.176.33.46 Mar 23 04:46:14 GDem3 sshd[11184]: error: > Could not get shadow information for NOUSER Mar 23 04:46:26 GDem3 > sshd[11201]: Illegal user test from ::ffff:211.176.33.46 Mar 23 04:46:26 > GDem3 sshd[11201]: error: Could not get shadow information for NOUSER > > > > Journal de 10h02: > > Security Events > =-=-=-=-=-=-=-= > Mar 23 09:11:39 GDem3 sshd[27590]: Failed password for root from > > ::ffff:62.193.236.45 port 45567 ssh2 Mar 23 09:11:40 GDem3 sshd[27592]: > > Failed password for root from ::ffff:62.193.236.45 port 45687 ssh2 Mar > 23 09:11:41 GDem3 sshd[27594]: Failed password for root from > > ::ffff:62.193.236.45 port 45769 ssh2 Mar 23 09:11:42 GDem3 sshd[27596]: > > Failed password for root from ::ffff:62.193.236.45 port 45851 ssh2 Mar > 23 09:11:42 GDem3 sshd[27598]: Failed password for root from > > ::ffff:62.193.236.45 port 45936 ssh2 Mar 23 09:11:43 GDem3 sshd[27600]: > > Failed password for root from ::ffff:62.193.236.45 port 46006 ssh2 Mar > 23 09:11:44 GDem3 sshd[27602]: Failed password for root from > > ::ffff:62.193.236.45 port 46076 ssh2 Mar 23 09:11:44 GDem3 sshd[27608]: > > Failed password for root from ::ffff:62.193.236.45 port 46156 ssh2 > > > GD
