[nSLUG] My sshd has been discovered... ;-)
dlpotter at ns.sympatico.ca
Mon Aug 16 08:39:50 ADT 2004
It took about three years - which is an indication of the low exposure
it carries, but for the last month or so, my daily tripwire report is
noting a handful of attempts to log in as root and a couple dozen
attempts to log in as a variety of other users... test, admin,...
I'm reluctant to stand by and let someone(s) beat on my machine without
mounting some sort of a response...
I've thought of breaking out shell and semi-automating a response:
- parsing the log,
- looking up the ip, and
- creating a webpage with this info that would allow me to: review and
click-mail log info to abuse at ip
Has anyone heard of attempts to 'map' hacking activity...?
More information about the nSLUG