sequences in the auth.log - Peter C. Lai - org.freebsd.freebsd-security

12 messages in org.freebsd.freebsd-securitysequences in the auth.log

From	Sent On	Attachments
Sandor Berta	Aug 13, 2004 7:05 am
Dan Langille	Aug 13, 2004 7:14 am
Nikolaj I. Potanin	Aug 13, 2004 7:14 am
Mohacsi Janos	Aug 13, 2004 7:15 am
Jan Muenther	Aug 13, 2004 7:55 am
Craig Edwards	Aug 13, 2004 10:48 am
Peter C. Lai	Aug 13, 2004 11:52 am
Gregory Kuhn	Aug 13, 2004 12:35 pm
Justin	Aug 17, 2004 9:01 pm
Allen/Gore/SlackWareWolf	Aug 17, 2004 9:39 pm
Nikolay Pavlov	Aug 18, 2004 2:54 am
Devon H. O'Dell	Aug 18, 2004 2:56 am

Subject:	sequences in the auth.log
From:	Peter C. Lai (sir...@cowbert.net)
Date:	Aug 13, 2004 11:52:18 am
List:	org.freebsd.freebsd-security

On Fri, Aug 13, 2004 at 04:14:29PM +0200, Mohacsi Janos wrote:

Hi Sandor, You don't have to worry, unless you have user 'test', 'guest', 'admin', 'root' with poor password: typically same or very similar to your accountname. There seems to be a script around the hackers to scan SSH and gain access to poorly configured servers.... Unfortunately they are plenty of badly configured servers. May be you should disable root access via SSH password (only via keys).

Disabling root login via ssh will still cause 'failed password' entries in syslog. (on openssh 3.7 anyway)

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets