Attempted SSH Logins
From: Nathaniel Hall (halln_at_otc.edu)
Date: 08/03/04
- Previous message: Donald Tyler: "Intermittent sendmail problems for users"
- Next in thread: Jenkins, Jeremiah: "RE: Attempted SSH Logins"
- Maybe reply: Jenkins, Jeremiah: "RE: Attempted SSH Logins"
- Maybe reply: Steve Kozakoff: "Re: Attempted SSH Logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <redhat-list@redhat.com> Date: Tue, 3 Aug 2004 11:22:50 -0500
Hi all.
I have been monitoring our logs over the past several weeks using logwatch
and have noticed several of these entries (known entries omitted):
sshd:
Invalid Users:
Unknown Account: 5 Time(s)
Authentication Failures:
test (server.bes1.com ): 2 Time(s)
root (server.bes1.com ): 3 Time(s)
unknown (server.bes1.com ): 4 Time(s)
The source addresses vary. I always see the same accounts from different
addresses with a different number of tries. When I see these, there is only
one source, never a mix of sources. The next day, it might be a different
source, but it is the only one.
Is anybody else seeing this in their logs where I shouldn't be as worried or
is this directed at us?
~~~~~~~~~~~~~~~~~~~~~~~~~~
Nathaniel Hall
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking
halln@otc.edu
417-799-0552
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Donald Tyler: "Intermittent sendmail problems for users"
- Next in thread: Jenkins, Jeremiah: "RE: Attempted SSH Logins"
- Maybe reply: Jenkins, Jeremiah: "RE: Attempted SSH Logins"
- Maybe reply: Steve Kozakoff: "Re: Attempted SSH Logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
