| Art Alexion on 26 Apr 2005 16:00:50 -0000 |
|
Chris wrote: >I always thought this was rather common. When I check our logs I see 30 or >40 attempts within a minute trying random usernames about once or twice a >day. Anybody else noticing an increase lately, in the number of break-in attempts >via SSH? I'm seeing more and more things like this, over the last few weeks: > > >----- Forwarded message from logcheck@localhost ----- > > >I'm up to date on patches, I believe, especially for SSH. Some new hot thing >among script kiddies? Or have I just not noticed, since I haven't been >running logcheck until recently? > > I'm using LogWatch, which seems similar to logcheck. Can anyone recommend a parsing or reporting tool that makes this stuff more meaningful? -- _______________________________________ Art Alexion Arthur S. Alexion LLC arthur [at] alexion [dot] com aim: aalexion sms: 2679725536 [at] messaging [dot] sprintpcs [dot] com PGP fingerprint: 52A4 B10C AA73 096F A661 92D2 3B65 8EAC ACC5 BA7A The attachment -- signature.asc -- is my electronic signature; no need for alarm. Info @ http://mysite.verizon.net/art.alexion/encryption/signature.asc.what.html Key for signed PDFs available at http://mysite.verizon.net/art.alexion/encryption/ArthurSAlexion.p7c The validation string is TTJY-ZILJ-BJJG. ________________________________________ Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|