[olug] attempted attacks
Sean Edwards
cybersean3000 at yahoo.com
Tue Mar 8 15:10:45 UTC 2005
You could also go the other direction, and provide a
honey pot.
Honeyd is pretty powerful (http://www.honeyd.org), but
here is a list of commercial and Open Sores honey
pots:
http://www.tracking-hackers.com/solutions/
Here is dogpile search for other honey pot info:
http://www.dogpile.com/info.dogpl/search/web/linux%2Bhoneypot
-=Sean=-
--- Eric Lusk <wyrmzr72 at yahoo.com> wrote:
> Someone has too much time on their hands. They have
> to to be trying to log into my server. All of it's
> coming from a couple of systems in Asia, one of
> which
> is a web server, or at least they're masquerading as
> 202.55.229.226, along with a couple of other IP
> addresses. The attempted logins as root don't
> bother
> me; even I can't log in remotely as root :) But the
> above IP has been trying to guess usernames, and may
> have even brought down my internet service for a
> while
> yesterday. Time to implement some tighter measures,
> such as changing my ssh server port away from 22.
> I doubt the sysadmins or ISPs of any of the
> attacking
> systems are going to do much; in my experience, most
> Asian ISPs don't care; some even seem to be
> encouraging hackers.
> At the least, it's time to modify the users on my
> system, using unusual usernames. One of the systems
> was going through and trying to guess usernames on
> the system.
>
> http://www.ericshaus.com
> Alcohol and Calculus don't mix. Never drink and
> derive.
>
>
>
>
> __________________________________
> Celebrate Yahoo!'s 10th Birthday!
> Yahoo! Netrospective: 100 Moments of the Web
> http://birthday.yahoo.com/netrospective/
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/
More information about the OLUG
mailing list