Security Incidents mailing list archives

Re: SSH probes?

From: Klaus Lichtenwalder <k.lichtenwalder () computer org>
Date: Wed, 12 May 2004 18:07:30 +0200

Yes. Same here, same address, lots of tests:
May  1 00:59:24 server sshd[29732]: Illegal user info from 211.216.53.20
May  1 00:59:24 server sshd(pam_unix)[29732]: authentication failure;
logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=211.216.53.20 
May  1 00:59:26 server sshd[29732]: Failed none for illegal user info
from 211.216.53.20 port 43789 ssh2
May  1 00:59:29 server sshd[29732]: Failed password for illegal user
info from 211.216.53.20 port 43789 ssh2
May  1 00:59:29 server sshd(pam_unix)[29732]: 1 more authentication
failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=211.216.53.20 

Machine is UTC

Klaus

-- 
------------------------------------------------------------------------ 
 Klaus Lichtenwalder, Dipl. Inform.,       http://www.webforum.de/Klaus/
 Fax +49-(0)89-9103579                             Lichtenwalder () ACM org
 NIC: KL2100, KL76-RIPE                     K.Lichtenwalder () Computer org
 PGP Key fingerprint =4194 C7B8 C74E C607 E440  F075 BCA0 6B94 1B33 3FB7

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Current thread:

SSH probes? Devdas Bhagat (May 10)
- RE: SSH probes? Jerry Shenk (May 10)
- Re: SSH probes? iglope (May 12)
  - Re: SSH probes? Valdis . Kletnieks (May 12)
    - Re: SSH probes? Klaus Lichtenwalder (May 12)