Re: Illegal user ssh probes

From: Rob Hughes (rob_at_robhughes.com)
Date: 09/28/04

  • Next message: Huijsmans, JCM (Jan): "RE: Illegal user ssh probes"
    To: secureshell@securityfocus.com
    Date: Tue, 28 Sep 2004 06:25:53 -0500
    
    

    On Sat, 2004-09-25 at 17:39 +1000, Frank Hamersley wrote:
    > On examining /var/log/secure for several firewalls I manage remotely using
    > ssh I have observed a recurrent pattern of probing over the last several
    > that attempts to connect using user id's in the following order...
    >
    > test / guest / admin / admin / user / test
    >
    > Is anybody else seeing this?
    >
    > Regards, Frank.
    >

    This was reported a few weeks back. There are a large number of hosts
    scanning for default accounts. And yes, I'm seeing it too.

    -- 
    If at first you don't succeed, skydiving is not for you.
    

  • Next message: Huijsmans, JCM (Jan): "RE: Illegal user ssh probes"