[olug] attempted attacks

[VHP3]

www.incidents.org had a discussion this morning on SSH
brute force attacks that were occuring.  Granted that
maybe they were going on for 6 months previous to
today, but it was enough (new) action that it raised
the eyebrows of the SANS folks.

Vince

--- Eric Lusk <wyrmzr72 at yahoo.com> wrote:
> Someone has too much time on their hands.  They have
> to to be trying to log into my server.  All of it's
> coming from a couple of systems in Asia, one of
> which
> is a web server, or at least they're masquerading as
> 202.55.229.226, along with a couple of other IP
> addresses.  The attempted logins as root don't
> bother
> me; even I can't log in remotely as root :)  But the
> above IP has been trying to guess usernames, and may
> have even brought down my internet service for a
> while
> yesterday.  Time to implement some tighter measures,
> such as changing my ssh server port away from 22.
> I doubt the sysadmins or ISPs of any of the
> attacking
> systems are going to do much; in my experience, most
> Asian ISPs don't care; some even seem to be
> encouraging hackers.
> At the least, it's time to modify the users on my
> system, using unusual usernames.  One of the systems
> was going through and trying to guess usernames on
> the system.
> 
> http://www.ericshaus.com
> Alcohol and Calculus don't mix.  Never drink and
> derive.
> 
> 
> 	
> 		
> __________________________________ 
> Celebrate Yahoo!'s 10th Birthday! 
> Yahoo! Netrospective: 100 Moments of the Web 
> http://birthday.yahoo.com/netrospective/
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
> 

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."   -- Benjamin Franklin

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com