I too get those type of probes here at our location. We usually just block the ip once we notice it happening. Vince > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Michael D. Berger > Sent: Wednesday, January 04, 2006 1:37 PM > To: 'General Red Hat Linux discussion list' > Subject: RE: is this an intruder? > > I get such an attacks with irregular frequency, averaging > about one attack per day. The longest attack that I > measured ran for over an hour and tried more that 1100 user > names. They are rarely, if ever, from the same ip address. > > Mike. > > -- > Michael D. Berger > m.d.berger@xxxxxxxx > > > -----Original Message----- > > From: redhat-list-bounces@xxxxxxxxxx > > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Marty Landman > > Sent: Wednesday, January 04, 2006 1:04 PM > > To: redhat-list@xxxxxxxxxx > > Subject: is this an intruder? > > > > > > Here's what I'm seeing on /var/log/messages: > > > [...] > > > > > Not sure if I'm reading this right as this is new to me but > it appears > > someone in Denmark spent about 10 minutes trying a variety > of userid's > > to start an ssh session on my network gateway. > > > > > > Marty > > > > > > Marty Landman, Face 2 Interface Inc. 845-679-9387 > Webmaster's Bulletin > > Board: http://bbs.face2interface.com/ Web Installed Formmail: > > http://face2interface.com/formINSTal > > > > -- > > redhat-list mailing list > > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
