Security Basics: Re: what to do?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: what to do?

From: Alexander Klimov <alserkli () inbox ru>
Date: Sun, 28 Aug 2005 12:19:12 +0300 (IDT)

Hi.

On Thu, 25 Aug 2005, Bill Smith wrote:

I noticed that someone is trying to hacker into my
machine. Please see below is the content of
/var/log/security.
what I would like some advice of you guys is, what
will I do with these people?


The remote hosts are usually just owned boxes. If you are sure that
your passwords are strong (or you use pub key authentication) you can
ignore this. If you want to keep you log clean you can either change
your log preferences or run ssh on a non-default port.

See also
http://www.google.com/search?q=ssh%20brute-force%20attacks

-- 
Regards,
ASK

By Date By Thread

Current thread:

Re: what to do?, (continued)
- Re: what to do? morph84 (Aug 29)
  - Re: what to do? cam (Aug 30)
    - Re: what to do? zp (Aug 30)
- Re: what to do? Barrie Dempster (Aug 29)
- Re: what to do? paavan shah (Aug 29)
- Re: what to do? Alexander Klimov (Aug 30)
- Re: what to do? Anthony J Placilla (Aug 30)
- RE: what to do? Mehmet Buyukozer (Aug 31)
- RE: what to do? Rochford, Paul (BOI Compliance) (Aug 30)
- RE: what to do? Shane Singh (Aug 30)
- Re: what to do? Steve.Cummings (Aug 30)