Art Alexion on 26 Apr 2005 15:27:36 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Increase in SSH break-in attempts?

I have a system that uses 'sudo <command>' instead of 'su', though I
have created a real root account in addition.  Does this create a
greater risk for root break-ins?

Chris wrote:

>I always thought this was rather common. When I check our logs I see 30 or
>40 attempts within a minute trying random usernames about once or twice a
>day. So far I have chalked it up to script kiddies or some other vein
>attempt to find an easy way inside. I was surprised to learn our webhost
>(Verio) just recently is disabling remote root login over SSH. Thankfully we
>already standardized disabling our root logins but I would hate to think of
>all those people who didn't AND have easily cracked usernames/passwords.
>-----Original Message-----
>[] On Behalf Of Mike Leone
>Sent: Tuesday, April 26, 2005 10:11 AM
>Subject: [PLUG] Increase in SSH break-in attempts?
>Anybody else noticing an increase lately, in the number of break-in attempts
>via SSH? I'm seeing more and more things like this, over the last few weeks:


Art Alexion
Arthur S. Alexion LLC
arthur [at] alexion [dot] com
aim: aalexion
sms: 2679725536 [at] messaging [dot] sprintpcs [dot] com

PGP fingerprint: 52A4 B10C AA73 096F A661  92D2 3B65 8EAC ACC5 BA7A
The attachment -- signature.asc -- is my electronic signature; no need for alarm.
Info @

Key for signed PDFs available at
The validation string is TTJY-ZILJ-BJJG.

Attachment: signature.asc
Description: OpenPGP digital signature

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --