>From my /var/adm/log.auth:
Jun 12 20:53:57 rulcmc su: (to root) joost on /dev/ttyp6
Jun 12 21:00:20 rulcmc su: (to root) joost on /dev/ttyp6
Jun 12 23:05:57 rulcmc su: FAILED SU (to root) joost on none
Jun 12 23:06:28 rulcmc last message repeated 552 times
Jun 12 23:07:29 rulcmc last message repeated 1069 times
Jun 12 23:08:30 rulcmc last message repeated 1165 times
[and so on, for hours]
Hell, I know I often misspell my root passwd, but 1165 times in 61
seconds? No, I'm sure I never did that.
Does anybody know what may cause this?
("joost" is myself, and I'm quite sure nobody else who just cracked
my "joost" passwd would start attempting to su to root with thousands
different passwds: once somebody 's got "joost", they've got root
without cracking the root passwd).
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
