script kiddies or something worse? how can i tell
From: kevin (kevin_at_mtel.co.uk)
Date: 10/26/04
- Next message: Fritz Bayer: "iptables / reject vs drop"
- Previous message: Newsbox: "Re: Linux Trojan Circulating"
- Next in thread: Huge: "Re: script kiddies or something worse? how can i tell"
- Reply:(deleted message) Huge: "Re: script kiddies or something worse? how can i tell"
- Reply: Gandalf Parker: "Re: script kiddies or something worse? how can i tell"
- Reply: DM: "Re: script kiddies or something worse? how can i tell"
- Reply: Moe Trin: "Re: script kiddies or something worse? how can i tell"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 26 Oct 2004 02:40:53 -0700
Hi, i'm fairly new to this admin stuff, and have a newbie question,...
i get regularly (but not bombarded) with an obviously script based
access attempts to sshd and ftp, sendmail. I just slap them on the
hosts.deny list and that's the last i hear from them. (i had to move
the sshd port of the main server, it was probed so often).
What i want to know is ...
are these just kids playing about, or spammers trying to break in.
Should i go to a newsgroup trumpeting the ipaddresses?
How can you tell when it's an attack worth 'sharing'?
the script probes usually sshd, and sometimes sendmail or ftp
root
admin
nobody
test
user
guest
- Next message: Fritz Bayer: "iptables / reject vs drop"
- Previous message: Newsbox: "Re: Linux Trojan Circulating"
- Next in thread: Huge: "Re: script kiddies or something worse? how can i tell"
- Reply:(deleted message) Huge: "Re: script kiddies or something worse? how can i tell"
- Reply: Gandalf Parker: "Re: script kiddies or something worse? how can i tell"
- Reply: DM: "Re: script kiddies or something worse? how can i tell"
- Reply: Moe Trin: "Re: script kiddies or something worse? how can i tell"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
