[nSLUG] My sshd has been discovered... ;-)

David Potter dlpotter at ns.sympatico.ca
Mon Aug 16 08:39:50 ADT 2004


It took about three years - which is an indication of the low exposure 
it carries, but for the last month or so, my daily tripwire report is 
noting a handful of attempts to log in as root and a couple dozen 
attempts to log in as a variety of other users... test, admin,...

I'm reluctant to stand by and let someone(s) beat on my machine without 
mounting some sort of a response...

I've thought of breaking out shell and semi-automating a response:

- parsing the log,
- looking up the ip, and
- creating a webpage with this info that would allow me to: review and 
click-mail log info to abuse at ip

Has anyone heard of attempts to 'map' hacking activity...?

david potter






!DSPAM:41209d08194641033112539!




More information about the nSLUG mailing list