[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More SSH 'trolling'




----- Original Message ----- From: "Alexander Dalloz" <alexander dalloz uni-bielefeld de>
To: "For users of Fedora Core releases" <fedora-list redhat com>
Sent: Thursday, 14 October, 2004 19:28
Subject: Re: More SSH 'trolling'


Again an old hacked Redhat box :( If you do a port scan on the above
given IP address you will quickly find both the reason why it is being
hacked (old, unpatched services) and the indicator that it is a hacked
box:

101/tcp open ssh SSH 1.2.32 (protocol 1.5)

Seen that for so many hosts now which are involved in the SSH login
attempts.

Folks, if anyone of you are still running an old Redhat release which is
not managed any more regarding security updates and you don't update
your own from sources, please take those hosts from the net immediately!

Alexander



Alexander has done some investigation :) good work !
I dont know if it has been come to anyones attention but I have these 'hack-attempts' only since I've subscribed to this list !!!
Before that, nobody bothered me other then looking for a open relay system.
Maybe anyone knows someone who is not subscribed to this list and has these attempts as well ??
It might well be possible that someone is trying to hack us only .


Just my thoughts,
Edwin



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]