[Fedora] hack attempt on my server...What do you do about this?
Lew Bloch
conrad at lewscanon.com
Sun Jul 18 15:45:50 UTC 2004
> Date: Sat, 17 Jul 2004 13:52:33 -0600
> From: "Ashley M. Kirchner"
> For example, I have absolutely no
> problem what so ever blocking the entire network belonging to Media
> Dream Land (69.42.96.0/19), who are just a big ass spamming network.
> You can all start flaming me now.
This is a pre-flame against anyone who disagrees with you! You are so
right.
I'm using an external router/firewall, but the information is still
incredibly useful. Between the Linux/Fedora community and grc.com I'm
getting much useful knowledge against the crackers ("hacker" used to be
a compliment), spammers and other evil cyber-folk.
One thing the original poster seems to have discovered:
> Jul 17 14:42:27 localhost sshd[6748]:
> Illegal user guest from 130.120.81.14
> Jul 17 14:42:30 localhost sshd[6748]:
> Failed password for illegal user guest
> from 130.120.81.14 port 48753 ssh2
is that Linux security is fairly strong against such attacks, provided
of course you don't have a hackable "test" or "guest" username.
Another lesson is that it's dirty and dangerous out there in cyberspace.
You've got to actively and diligently protect yourself.
It is often a Linux hacker (in the complimentary meaning) who cares
about, discovers, analyzes and requests advice on such intrusions. Thus
this list is helpful even for non-Fedora folks.
More information about the fedora-list
mailing list