[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Intento de acceso no autorizado



Jesús Genicio escribió:
> Hola:
> 
> He instalado un sistema de vigilancia por webcam y motion en unas
> casas, y al revisar los log, he visto que me han intentado acceder por
> fuerza bruta através de ssh. De la manera:
> 
> Feb 16 15:22:10 DebianTesting sshd[31067]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:13 DebianTesting sshd[31067]: Failed password for invalid
> user hakan from 200.31.162.147 port 35498 ssh2
> Feb 16 15:22:17 DebianTesting sshd[31069]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:17 DebianTesting sshd[31069]: Invalid user hakan from
> 200.31.162.147
> Feb 16 15:22:17 DebianTesting sshd[31069]: pam_unix(sshd:auth): check
> pass; user unknown
> Feb 16 15:22:17 DebianTesting sshd[31069]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:19 DebianTesting sshd[31069]: Failed password for invalid
> user hakan from 200.31.162.147 port 36854 ssh2
> Feb 16 15:22:22 DebianTesting sshd[31071]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:22 DebianTesting sshd[31071]: Invalid user natasha from
> 200.31.162.147
> Feb 16 15:22:22 DebianTesting sshd[31071]: pam_unix(sshd:auth): check
> pass; user unknown
> Feb 16 15:22:22 DebianTesting sshd[31071]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:24 DebianTesting sshd[31071]: Failed password for invalid
> user natasha from 200.31.162.147 port 38201 ssh2
> Feb 16 15:22:27 DebianTesting sshd[31073]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:27 DebianTesting sshd[31073]: Invalid user natasha from
> 200.31.162.147
> Feb 16 15:22:27 DebianTesting sshd[31073]: pam_unix(sshd:auth): check
> pass; user unknown
> Feb 16 15:22:27 DebianTesting sshd[31073]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:29 DebianTesting sshd[31073]: Failed password for invalid
> user natasha from 200.31.162.147 port 39787 ssh2
> Feb 16 15:22:32 DebianTesting sshd[31075]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:32 DebianTesting sshd[31075]: Invalid user natasha from
> 200.31.162.147
> Feb 16 15:22:32 DebianTesting sshd[31075]: pam_unix(sshd:auth): check
> pass; user unknown
> Feb 16 15:22:32 DebianTesting sshd[31075]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:33 DebianTesting sshd[31075]: Failed password for invalid
> user natasha from 200.31.162.147 port 40764 ssh2
> Feb 16 15:22:35 DebianTesting sshd[31077]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:35 DebianTesting sshd[31077]: Invalid user natasha from
> 200.31.162.147
> Feb 16 15:22:35 DebianTesting sshd[31077]: pam_unix(sshd:auth): check
> pass; user unknown
> Feb 16 15:22:35 DebianTesting sshd[31077]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=200.31.162.147
> Feb 16 15:22:37 DebianTesting sshd[31077]: Failed password for invalid
> user natasha from 200.31.162.147 port 41795 ssh2
> Feb 16 15:22:43 DebianTesting sshd[31079]: reverse mapping checking
> getaddrinfo for net-162-pc147.salnet.net [200.31.162.147] failed -
> POSSIBLE BREAK-IN ATTEMPT!
> Feb 16 15:22:43 DebianTesting sshd[31079]: Invalid user ben from 200.31.162.147
> Feb 16 15:22:43 DebianTesting sshd[31079]: pam_unix(sshd:auth): check
> pass; user unknown
> 
> 
> Como pdeis ver es desde la ip:200.31.162.147
> 
> Pues bien, ponedla en un navegador y os da la risa, o al menos a mi me
> dio.( no hay riesgo en ello, tranquilos)
> 
> Ya me contareis :)
> 
> S2.
> 
> 

hacele la misma, haber si le gusta :D

-- 
Carlos Albornoz C.
Linux User #360502
http://carlos.deathlock.org
fono: 97864420


Reply to: