Hacker
From: Ed Kipp (ekipp_at_ucsd.edu)
Date: 05/01/03
- Next message: lucy: "allow cookies"
- Previous message: Steve: "Kerberos"
- In reply to: Amy: "Hacker"
- Next in thread: Keith: "Hacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 1 May 2003 10:04:45 -0700
It's very difficult to determine where the login attempts
are coming from, but an important thing to do is to make
sure that RestrictAnonymous is enabled at it's highest
level so a hacker cannot enumerate your account list.
Many of the recent attacks we've seen on our network have
a list of seven or eight accounts, some may exist on your
network and some may not. The best defense seems to be
ensuring that passwords are complex enough to not be
guessed, to restrict anonymous access, and if you have
the resources, purchase a firewall.
>-----Original Message-----
>I have auditing of failed logon attempts on. I noticed
>there is someone trying to logon to my server as guest,
>then admin, then administrator. This happens several
>times in a row within 2 min. I found it happpening
since
>Feb. Is there a way for me to figure out who it is that
>keeps doing this?
>.
>
- Next message: lucy: "allow cookies"
- Previous message: Steve: "Kerberos"
- In reply to: Amy: "Hacker"
- Next in thread: Keith: "Hacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
