Re: [Fwd: security]

To: debian-security@lists.debian.org
Subject: Re: [Fwd: security]
From: michael <linux@networkingnewsletter.org.uk>
Date: Sat, 29 Jan 2005 17:22:47 +0000
Message-id: <[🔎] 1107019367.27841.5.camel@localhost.localdomain>
In-reply-to: <[🔎] 20050129154426.GA8809@mail.braingia.org>
References: <[🔎] 1107011135.20873.2.camel@localhost.localdomain> <[🔎] 20050129154426.GA8809@mail.braingia.org>

On Sat, 2005-01-29 at 09:44 -0600, Steve Suehring wrote:
> Could it be this?
> 
> http://lists.sans.org/pipermail/intrusions/2004-August/008357.html
> 
> You didn't specify which usernames were being used, so it's tough to 
> tell if that's the same.

There seems to be two sets, one is half a dozen attempts at {test,
guest, admin, user} and the other is one attempt at people's names in an
alphabetical order. 

> 
> A couple of simple and quick things that I might do if this was a
> concern:

Thanks, I'll look into them when get into work. Apart from securing my
boxes I'm also wondering if there's any way to track where the attacks
are originating from (or even what to ask people to check their machines
for (eg executable names etc) - there's some hints in that URL that I'll
begin with.

Michael

Reply to:

References:
- [Fwd: security]
  - From: michael <linux@networkingnewsletter.org.uk>
- Re: [Fwd: security]
  - From: Steve Suehring <dsec@braingia.org>

Prev by Date: Re: [Fwd: security]
Next by Date: Re: woody kernel image
Previous by thread: Re: [Fwd: security]
Next by thread: Re: [Fwd: security]
Index(es):
- Date
- Thread