[lug] Cracking attempts via SSH
John Hernandez
John.Hernandez at noaa.gov
Thu Aug 19 13:08:53 MDT 2004
With most people turning off telnet nowadays, apparently someone finally
had the bright idea to attempt the same old exploits (default accounts)
through ssh.
Jeff Schroeder wrote:
> Bill wrote:
>
>
>>Back around July 26, I first started seeing unauthorized attempts to
>>gain access to my server via ssh. The pattern was to try accessing an
>>account named 'test', then 2 seconds later to try the account
>>'guest.'
>
>
> Same here. I have attempts to get in as 'test', 'guest', and (clever)
> 'user'. I also have 'root' attempts, as you describe:
>
--
| John Hernandez - NOAA Boulder NOC - 303-497-6392
| Mailstop R/OM62. 325 Broadway, Boulder, CO 80305
| PGP Public Key ID: 586A7E23
More information about the LUG
mailing list