Re: SSH attacks?

From: Robin (
Date: 07/30/04

  • Next message: Brian C. Lane: "Re: SSH attacks?"
    Date: Fri, 30 Jul 2004 12:58:10 +1200

    Hash: SHA1

    On Friday 30 July 2004 05:22, Marcus Merrin wrote:
    > I saw the same thing about a month ago, only the selection of usernames
    > was much wider, including graceland, metro, elvis, matrix and many more
    I have seen the same. I think (although haven't tried to verify) that these
    are Nessus test.

    > including guest and test. It was traced to a host in Japan but I
    > haven't heard back from them if any action was taken. Maybe the current
    My last batch of Nessus scans, a few days ago, was from Taiwan. Apparently
    action was taken (I got a reply saying that the report was being forwarded to
    the institution security people) and the scans stopped.

    > wave is a cut-down version of a more comprehensive tool? Attacks on my
    > client's servers went on for about an hour at a time.
    Just grepping through my logs, since Jul 21 I have been seeing the test and
    guest ones. I have also seen one source that ran through: test, guest, admin,
    admin, user, root, root, root, test.

    Otherwise it's all been test and guest (or people making typos).
    - --
    Robin <> JabberID: <>

    Hostes alienigeni me abduxerunt. Qui annus est?

    PGP Key 0x776DB663 = DD10 5C62 1E29 A385 9866 0853 CD38 E07A 776D B663
    Version: GnuPG v1.2.4 (GNU/Linux)

    -----END PGP SIGNATURE-----

  • Next message: Brian C. Lane: "Re: SSH attacks?"

    Relevant Pages

    • Re: Yikes! Is this a security issue I need to worry about?
      ... admin, root, test, info, sales, guest and many more ...
    • Re: Attempted SSH Logins (from Fedora thread)
      ... I have been having a lot of failed SSH attempts from 'guest' and 'test' ... Today I saw attempts from 'root', 'admin', and ...
    • Re: Samba - trouble with simple smb.conf
      ... dsl is admin ... and there is a guest account and a sambapassword for each: ... on the linux box for each of the Samba users? ... Error connecting to (Connection refused) ...
    • Re: Easy way/script to add another user like me?
      ... have to do to give a user sudo privileges is to add them to the ... # Members of the admin group may gain root privileges ... of cracking the root password because they already know the ...
    • Re: Randy
      ... There is no longer the recommended scenario to create an empty forest root. ... hold the enterprise admin group and to hold the forest schema operations ...