System subjected to heavy fire on the part of would-be intruders.
Kernel 2.6.21.5, GNU (Slackware 12.0).
Hi: The following are two extracts from /var/log/messages. Code:
Aug 10 17:29:52 darkstar sshd[11675]: reverse mapping checking getaddrinfo for 116.214.25 Code:
Aug 10 11:58:14 darkstar sshd[9411]: Failed password for root from 173.192.227.66 port 57 |
Quote:
You seem to be under attack from two entirely disparate IP addresses, maybe part of a botnet, maybe coincidence. I know that these days, this is a fact of life, but they are trying the door handles, be very, very sure that they are not going to find an easy door handle to open, otherwise you are in a world of trouble. Quote:
|
Well, as a matter of fact, I've disabled the running of the SSH daemon at boot time. In this way, I hope not seeing those messages anymore. I do not have any need for remote login to my machine.
However, before I took this measure, there were a couple of things that seemed wierd to me and that made ask this question. Slackware is currently at 13.x but I've decided my machine can't be overburdened with larger and larger OSs. Thanks for your kind reply. |
Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.
|
All times are GMT -5. The time now is 07:06 AM. |