Break-in Attempts
Net Llama!
netllama
Sun Jan 8 15:22:50 PST 2006
I regret that these aren't new, and are likely automated attacks from
bots. I've seen these types of brute force attacks going back over a
year ago.
On 01/08/2006 11:26 AM, Kurt Wall wrote:
> Someone is trying really lamely to break into my box using a dictionary
> attack. I have 2280 of these in my logs:
>
> sshd[24079]: Invalid user patrick from 220.163.44.81
> sshd[24083]: Invalid user patrick from 220.163.44.81
> sshd[25460]: Invalid user fluffy from 202.142.105.78
> sshd[25464]: Invalid user admin from 202.142.105.78
>
> And 2504 of these:
>
> sshd[24075]: Failed password for nobody from 220.163.44.81 port 49155 ssh2
> sshd[24079]: Failed password for invalid user patrick from 220.163.44.81 port 49195 ssh2
> sshd[24083]: Failed password for invalid user patrick from 220.163.44.81 port 49225 ssh2
>
> But only 270 of these:
>
> sshd[6667]: Address 195.226.181.130 maps to www.vipbusiness.de, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
> sshd[6695]: Address 195.226.181.130 maps to www.vipbusiness.de, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
> sshd[6731]: Address 195.226.181.130 maps to www.vipbusiness.de, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
>
> Jerks. Children.
>
> Kurt
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman netllama at linux-sxs.org
LlamaLand http://netllama.linux-sxs.org
12:10:01 up 1 day, 2:49, 1 user, load average: 0.00, 0.00, 0.00
More information about the Linux-users
mailing list