possible hack thoughts please
epicwinter_at_hotmail.com
Date: 06/17/05
- Next message: Renegade: "Re: possible hack thoughts please"
- Previous message: Mouse: "Re: Possible to configure IPsec for loopback?"
- Next in thread: Renegade: "Re: possible hack thoughts please"
- Reply: Renegade: "Re: possible hack thoughts please"
- Reply: John Gallet: "Re: possible hack thoughts please"
- Reply: Michael Heiming: "Re: possible hack thoughts please"
- Reply: Jem Berkes: "Re: possible hack thoughts please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 16 Jun 2005 17:50:19 -0700
I work on a computer and I often ssh to another to do maintenance and
various tasks on it. The computer i ssh into was mysteriously rebooted
today and as far as I know there was no power outage and now major
errors in the logs. Both computers are pretty locked down except for
needed services using iptables.
So this wierded me out a bit and I started looking through the logs. I
noticed the normal script kiddie action. But the wierd thing i see a
lot of hits from the same ip on both computers:
218.188.2.4
With this type of crap:
Failed password for illegal user amy from 218.188.2.4 port 43774 ssh2
This seems too much of a coincidence to me. Other than that everything
is running normal. I don't know what else to check.
- Next message: Renegade: "Re: possible hack thoughts please"
- Previous message: Mouse: "Re: Possible to configure IPsec for loopback?"
- Next in thread: Renegade: "Re: possible hack thoughts please"
- Reply: Renegade: "Re: possible hack thoughts please"
- Reply: John Gallet: "Re: possible hack thoughts please"
- Reply: Michael Heiming: "Re: possible hack thoughts please"
- Reply: Jem Berkes: "Re: possible hack thoughts please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
