Ive had a company trying to hack my home system from Paris. They didnt manage to do anything, and infact I found it quite a challenge. I ran whois on the domain name and got their information. I then got on to their website, found the webmaster email account and sent them a very nasty rude email along with evidance of them attempting to access my machine without permission. Needless to say, I now dont have any problems from them. James --- Bob Smith <bob@xxxxxxxxxx> wrote: > If you do a dig -x, and then check some of the websites, you see that a > lot of these are coming out of Korea and China. I've had the same > attempts on my systems and got curious. Some were coming from the > Chemistry department of one of the Universities in China. > > Also, one of the accounts being tried here is "guest" which is a common > Microsoft account. Makes me wonder if they aren't looking to hack > Windows systems. > > -Bob > > Jenkins, Jeremiah wrote: > > >There are some script kiddies out there running automated attacks. If you > >look at your secure log /var/log/secure, you will see that they try for a > >few times then move on. if you google on the error message you will find > >numerous threads on the subject. > > > >-----Original Message----- > >From: Nathaniel Hall [mailto:halln@xxxxxxx] > >Sent: Tuesday, August 03, 2004 12:23 PM > >To: redhat-list@xxxxxxxxxx > >Subject: Attempted SSH Logins > > > > > >Hi all. > > > > > > > >I have been monitoring our logs over the past several weeks using logwatch > >and have noticed several of these entries (known entries omitted): > > > > > > > >sshd: > > > > Invalid Users: > > > > Unknown Account: 5 Time(s) > > > > Authentication Failures: > > > > test (server.bes1.com ): 2 Time(s) > > > > root (server.bes1.com ): 3 Time(s) > > > > unknown (server.bes1.com ): 4 Time(s) > > > > > > > >The source addresses vary. I always see the same accounts from different > >addresses with a different number of tries. When I see these, there is > only > >one source, never a mix of sources. The next day, it might be a different > >source, but it is the only one. > > > > > > > >Is anybody else seeing this in their logs where I shouldn't be as worried > or > >is this directed at us? > > > > > > > > > > > >~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > >Nathaniel Hall > > > >Intrusion Detection and Firewall Technician > > > >Ozarks Technical Community College -- Office of Computer Networking > > > > > > > >halln@xxxxxxx > > > >417-799-0552 > > > > > > > > > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
