Re: Illegal user ssh probes
From: Rob Hughes (rob_at_robhughes.com)
To: email@example.com Date: Tue, 28 Sep 2004 06:25:53 -0500
On Sat, 2004-09-25 at 17:39 +1000, Frank Hamersley wrote:
> On examining /var/log/secure for several firewalls I manage remotely using
> ssh I have observed a recurrent pattern of probing over the last several
> that attempts to connect using user id's in the following order...
> test / guest / admin / admin / user / test
> Is anybody else seeing this?
> Regards, Frank.
This was reported a few weeks back. There are a large number of hosts
scanning for default accounts. And yes, I'm seeing it too.
-- If at first you don't succeed, skydiving is not for you.