OpenSSH
Jay Summers
jay at bizmanualz.com
Tue Aug 3 22:42:51 UTC 2004
On Aug 3, 2004, at 5:31 PM, Mike Burger wrote:
> There've been a ton of sshd scans/attempts, all over, lately. There
> was
> some mention of it on one of the other Red Hat lists.
Ditto there. I just sent a message today to one of my other user-lists
asking about a possible SSH exploit. Is there some kind of new script
kiddie script released recently or some kind of h4x0r contest going on?
I've seen a different scan on all 3 of my boxes at least every other
hour. It probably started occurring more than a week ago. Here's a snip
from my logs.
Aug 3 06:31:41 www sshd[18216]: Illegal user test from 210.114.220.147
Aug 3 06:31:42 www sshd[18216]: Failed password for illegal user test
from 210.114.220.147 port 49847 ssh2
Aug 3 06:31:44 www sshd[18219]: Illegal user guest from 210.114.220.147
Aug 3 06:31:45 www sshd[18219]: Failed password for illegal user guest
from 210.114.220.147 port 49881 ssh2
Aug 3 06:32:12 www sshd[18223]: Illegal user test from 210.114.220.147
Aug 3 06:32:12 www sshd[18223]: Failed password for illegal user test
from 210.114.220.147 port 50171 ssh2
Aug 3 06:32:14 www sshd[18225]: Illegal user guest from 210.114.220.147
Aug 3 06:32:15 www sshd[18225]: Failed password for illegal user guest
from 210.114.220.147 port 50208 ssh2
Regards,
Jay
More information about the fedora-legacy-list
mailing list