Re: pam problem

To: debian-user@lists.debian.org
Subject: Re: pam problem
From: Camaleón <noelamac@gmail.com>
Date: Sun, 20 May 2012 10:55:55 +0000 (UTC)
Message-id: <[🔎] jpaijr$u2v$4@dough.gmane.org>
References: <[🔎] 0F79E416-0869-4AC8-847B-F0006B82E5A1@slsware.com> <[🔎] jp9069$27j$28@dough.gmane.org> <[🔎] B02529FB-1EA4-4A91-9EA2-5E06A251FD64@slsware.com>

On Sat, 19 May 2012 15:04:28 -0600, Glenn English wrote:

> On May 19, 2012, at 2:35 PM, Camaleón wrote:
> 
>> You can also run rkhunter to scan your system.
> 
> Done. It says:
> 
> File properties checks...
>     Files checked: 128
>     Suspect files: 0
> 
> Rootkit checks...
>     Rootkits checked : 110
>     Possible rootkits: 0
> 
> Applications checks...
>     Applications checked: 6
>     Suspect applications: 0
> 
> Next?? :-)

It seems clean :-)

Next I'll do is:

1/ Monitor the Fail2ban logs to check if the attack is still in place.

2/ Try to find out the IP source of the machine(s) that is generating 
this just to confirm this is a common dictionary attack and nothing more 
serious or from a different nature.

And there's no much you can do, sadly this is a usual situation for every 
service (web server, ftp, ssh, smtp, pop3/imap...) that is connected to 
Internet: once you are online you'll be fried ;-(

Greetings,

-- 
Camaleón

Reply to:

Follow-Ups:
- Re: pam problem
  - From: Glenn English <ghe@slsware.com>

References:
- pam problem
  - From: Glenn English <ghe@slsware.com>
- Re: pam problem
  - From: Camaleón <noelamac@gmail.com>
- Re: pam problem
  - From: Glenn English <ghe@slsware.com>

Prev by Date: Re: pam problem
Next by Date: Re: Has anyone successfully installed Cinnamon in Debian?
Previous by thread: Re: pam problem
Next by thread: Re: pam problem
Index(es):
- Date
- Thread