Re: crack attempt?

To: debian-user@lists.debian.org
Cc: debian-user@lists.debian.org
Subject: Re: crack attempt?
From: John Summerfield <debian@ComputerDatasafe.com.au>
Date: Tue, 10 Aug 2004 17:29:08 +0800
Message-id: <[🔎] 41189564.1020706@ComputerDatasafe.com.au>
Reply-to: root@llocalhost.dyndns.org
In-reply-to: <20040810081550.GA3246@###>
References: <[🔎] 20040810073320.GD2106@serensoft.com> <20040810081550.GA3246@###>

Philippe Marzouk wrote:

On Tue, Aug 10, 2004 at 02:33:20AM -0500, Will Trillich wrote:

aha -- i think i actually attracted a script kiddie!

[...]

----- End forwarded message -----

the fact that each attempt is a few seconds from the previous
one (and that there were only eight tries) leads me to believe
this was a human, and not a 'bot of some sort.

he even tried "guest"! (standard windows hole -- is it of likely
cnocern to a debian system?)


I have exactly the same thing in my logs since a few weeks. In general
from IPs with no reverse DNS set.
They test guest, test sometimes root.
It may be some automated tools as it is always the same logins which are
tried.

I don't worry about it as I do not have this kind of users on my systems
and root is of course not allowed direct ssh login.


Same here, I saw someone knocking on one of my doors the other day.


--

Cheers
John

-- spambait
1aaaaaaa@computerdatasafe.com.au  Z1aaaaaaa@computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

Reply to:

References:
- crack attempt?
  - From: Will Trillich <will@serensoft.com>
- Re: crack attempt?
  - From: Philippe Marzouk <phil-antispam@ozigo.org>

Prev by Date: mouse doesn't work on xWindow
Next by Date: Re: Progeny
Previous by thread: Re: crack attempt?
Next by thread: Re: crack attempt?
Index(es):
- Date
- Thread