Re: [PLUG] Increase in SSH break-in attempts?

Art Alexion on 26 Apr 2005 15:27:36 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Increase in SSH break-in attempts?

From: Art Alexion <art.alexion@verizon.net>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Increase in SSH break-in attempts?

Date: Tue, 26 Apr 2005 11:28:28 -0400

Reply-to: art.alexion@verizon.net, Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Mozilla Thunderbird 1.0.2 (X11/20050317)

I have a system that uses 'sudo <command>' instead of 'su', though I have created a real root account in addition. Does this create a greater risk for root break-ins? Chris wrote: >I always thought this was rather common. When I check our logs I see 30 or >40 attempts within a minute trying random usernames about once or twice a >day. So far I have chalked it up to script kiddies or some other vein >attempt to find an easy way inside. I was surprised to learn our webhost >(Verio) just recently is disabling remote root login over SSH. Thankfully we >already standardized disabling our root logins but I would hate to think of >all those people who didn't AND have easily cracked usernames/passwords. > > >Chris. > >-----Original Message----- >From: plug-bounces@lists.phillylinux.org >[mailto:plug-bounces@lists.phillylinux.org] On Behalf Of Mike Leone >Sent: Tuesday, April 26, 2005 10:11 AM >To: PLUG ML >Subject: [PLUG] Increase in SSH break-in attempts? > >Anybody else noticing an increase lately, in the number of break-in attempts >via SSH? I'm seeing more and more things like this, over the last few weeks: > > -- _______________________________________ Art Alexion Arthur S. Alexion LLC arthur [at] alexion [dot] com aim: aalexion sms: 2679725536 [at] messaging [dot] sprintpcs [dot] com PGP fingerprint: 52A4 B10C AA73 096F A661 92D2 3B65 8EAC ACC5 BA7A The attachment -- signature.asc -- is my electronic signature; no need for alarm. Info @ http://mysite.verizon.net/art.alexion/encryption/signature.asc.what.html Key for signed PDFs available at http://mysite.verizon.net/art.alexion/encryption/ArthurSAlexion.p7c The validation string is TTJY-ZILJ-BJJG. ________________________________________
Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Increase in SSH break-in attempts?
From: Cosmin Nicolaescu <cos@camelot.homelinux.com>

References:

RE: [PLUG] Increase in SSH break-in attempts?
From: "Chris" <chris@chrisbovasso.com>

Prev by Date: Re: [PLUG] Increase in SSH break-in attempts?

Next by Date: Re: [PLUG] Increase in SSH break-in attempts?

Previous by thread: Re: [PLUG] Increase in SSH break-in attempts?

Next by thread: Re: [PLUG] Increase in SSH break-in attempts?

Index(es):

Date

Thread