From my /var/adm/log.auth:
Jun 12 20:53:57 rulcmc su: (to root) joost on /dev/ttyp6
Jun 12 21:00:20 rulcmc su: (to root) joost on /dev/ttyp6
Jun 12 23:05:57 rulcmc su: FAILED SU (to root) joost on none
Jun 12 23:06:28 rulcmc last message repeated 552 times
Jun 12 23:07:29 rulcmc last message repeated 1069 times
Jun 12 23:08:30 rulcmc last message repeated 1165 times
[and so on, for hours]
Hell, I know I often misspell my root passwd, but 1165 times in 61
seconds? No, I'm sure I never did that.
Does anybody know what may cause this?
(joost is myself, and I'm quite sure nobody else who just cracked
my joost passwd would start attempting to su to root with thousands
different passwds: once somebody 's got joost, they've got root
without cracking the root passwd).
--
joost witteveen, [EMAIL PROTECTED]
#!/usr/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$kSK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .