Re: Illegal user ssh probes
From: Rob Hughes (rob_at_robhughes.com)
Date: 09/28/04
- Previous message: mghofran_at_caregroup.harvard.edu: "RE: Illegal user ssh probes"
- In reply to: Frank Hamersley: "Illegal user ssh probes"
- Next in thread: Frank Hamersley: "RE: Illegal user ssh probes"
- Reply: Frank Hamersley: "RE: Illegal user ssh probes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: secureshell@securityfocus.com Date: Tue, 28 Sep 2004 06:25:53 -0500
On Sat, 2004-09-25 at 17:39 +1000, Frank Hamersley wrote:
> On examining /var/log/secure for several firewalls I manage remotely using
> ssh I have observed a recurrent pattern of probing over the last several
> that attempts to connect using user id's in the following order...
>
> test / guest / admin / admin / user / test
>
> Is anybody else seeing this?
>
> Regards, Frank.
>
This was reported a few weeks back. There are a large number of hosts
scanning for default accounts. And yes, I'm seeing it too.
-- If at first you don't succeed, skydiving is not for you.
- Previous message: mghofran_at_caregroup.harvard.edu: "RE: Illegal user ssh probes"
- In reply to: Frank Hamersley: "Illegal user ssh probes"
- Next in thread: Frank Hamersley: "RE: Illegal user ssh probes"
- Reply: Frank Hamersley: "RE: Illegal user ssh probes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
