More SSH 'trolling'
Edwin Dicker
edwin at dicker.nl
Thu Oct 14 18:42:41 UTC 2004
----- Original Message -----
From: "Alexander Dalloz" <alexander.dalloz at uni-bielefeld.de>
To: "For users of Fedora Core releases" <fedora-list at redhat.com>
Sent: Thursday, 14 October, 2004 19:28
Subject: Re: More SSH 'trolling'
Again an old hacked Redhat box :( If you do a port scan on the above
given IP address you will quickly find both the reason why it is being
hacked (old, unpatched services) and the indicator that it is a hacked
box:
101/tcp open ssh SSH 1.2.32 (protocol 1.5)
Seen that for so many hosts now which are involved in the SSH login
attempts.
Folks, if anyone of you are still running an old Redhat release which is
not managed any more regarding security updates and you don't update
your own from sources, please take those hosts from the net immediately!
Alexander
Alexander has done some investigation :) good work !
I dont know if it has been come to anyones attention but I have these
'hack-attempts' only since I've subscribed to this list !!!
Before that, nobody bothered me other then looking for a open relay system.
Maybe anyone knows someone who is not subscribed to this list and has these
attempts as well ??
It might well be possible that someone is trying to hack us only .
Just my thoughts,
Edwin
More information about the fedora-list
mailing list