[nSLUG] My sshd has been discovered... ;-)

George N. White III aa056 at chebucto.ns.ca
Mon Aug 16 09:27:33 ADT 2004

On Mon, 16 Aug 2004, David Potter wrote:

> It took about three years - which is an indication of the low exposure it 
> carries, but for the last month or so, my daily tripwire report is noting a 
> handful of attempts to log in as root and a couple dozen attempts to log in 
> as a variety of other users... test, admin,...

There was a long thread about this on the Fedora list.  If you have time 
to spare after making sure your system is well-secured (sound passwords,
current updates, backups, and routine monitoring) you can think about
more interesting measures.  We need a "tar pit" toolkit that makes
attackers think they have control of an interesting system but only
wastes their time.

George N. White III  <aa056 at chebucto.ns.ca>
   Head of St. Margarets Bay, Nova Scotia, Canada


More information about the nSLUG mailing list