[Tfug] Anybody here of a new SSH vulnerability?
Jeremy D. Rogers
jdrogers at optics.arizona.edu
Wed Jul 28 11:36:35 MST 2004
I also have lots of those in my logs.. plenty attempts with user, admin,
guest, test, and mail from 134.21.2.227
They are sporadic and few enought that I wouldn't be suprised if they
were just manual probes (rather than scripts), but I guess thats why we
use passwords that aren't 'passwd' or 'test'.
Cheers,
JDR
On Wed, Jul 28, 2004 at 11:11:12AM -0700, Choprboy wrote:
> Anybody here anything more on this? I still haven't seen anything on
> SecurityFocus, etc... And I'm still getting hit multiple times every day on
> various server accross the country.
>
> Logwatch daily logs look like:
> Illegal users from these:
> admin/none from 219.120.54.178: 2 Time(s)
> admin/password from 219.120.54.178: 2 Time(s)
> guest/none from 216.99.211.35: 1 Time(s)
> guest/none from 219.120.54.178: 1 Time(s)
> guest/password from 216.99.211.35: 1 Time(s)
> guest/password from 219.120.54.178: 1 Time(s)
> test/none from 216.99.211.35: 1 Time(s)
> test/none from 219.120.54.178: 2 Time(s)
> test/password from 216.99.211.35: 1 Time(s)
> test/password from 219.120.54.178: 2 Time(s)
> user/none from 219.120.54.178: 1 Time(s)
> user/password from 219.120.54.178: 1 Time(s)
>
>
> Adrian
> _______________________________________________
> tfug mailing list
> tfug at tfug.org
> https://www.tfug.org/mailman/listinfo/tfug
More information about the tfug
mailing list