I think someone is trying to get into my pc but i dont know can i get some help
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I think someone is trying to get into my pc but i dont know can i get some help
Here is an part of my security log and it keeps going. Is this some kind of attack. How do I stop this from happening
illegal user account from 61.66.193.155 port 54343 ssh2
Oct 3 16:36:02 yahoobb220004224140 sshd[16464]: Failed password for illegal user backup from 61.66.193.155 port 54438 ssh2
Oct 3 16:36:06 yahoobb220004224140 sshd[16466]: Failed password for illegal user server from 61.66.193.155 port 54510 ssh2
Oct 3 16:36:09 yahoobb220004224140 sshd[16468]: Failed password for illegal user adam from 61.66.193.155 port 54583 ssh2
Oct 3 16:36:12 yahoobb220004224140 sshd[16470]: Failed password for illegal user alan from 61.66.193.155 port 54647 ssh2
Oct 3 16:36:15 yahoobb220004224140 sshd[16472]: Failed password for illegal user frank from 61.66.193.155 port 54715 ssh2
Oct 3 16:36:19 yahoobb220004224140 sshd[16474]: Failed password for illegal user george from 61.66.193.155 port 54785 ssh2
Oct 3 16:36:22 yahoobb220004224140 sshd[16476]: Failed password for illegal user henry from 61.66.193.155 port 54847 ssh2
Oct 3 16:36:25 yahoobb220004224140 sshd[16479]: Failed password for illegal user john from 61.66.193.155 port 54918 ssh2
Oct 3 16:36:45 yahoobb220004224140 sshd[16491]: Failed password for illegal user test from 61.66.193.155 port 55308 ssh2
are u allowuing ssh,ssh2 for internet access
if not then u shpuld perhaps close the posrts and also if u are allowing then u should define a policy or rules in a firewall
shorewall is a good and easy firewall
or u can write ur own iptables scripts if u r comfortable with that
61.66.193.155
Block this address...........if this guy persists
block the ISP for a week or so, he will give up and go
somewhere else...........then just un block the ISP, so others can get thru.......
IF the guy comes back......send an Email to the ISP, and they will just Dump this guy from their service!
I dont know if I am using ssh how do I check. I am just a beginner. If I am not how do I close the ports? I am trying to learn about iptables right now in the book that came with the distro. I will re-read and block the isp. Showall its a Firewall? I am using the firewall that came with the distro. Fedora Core 1. By the looks of it I see many different users so I think someone is trying brute force or has infected other computers. How do I send a message to the ISP server so I can inform them on their side I dont want this to happen to others is why. Thankyou. If you know any good sites about making my pc more secure I would like to know. I am asking because I will eventually try to set up a server on my box. Thankyou.
I got the Admin info. Thankyou. I will work on securing my box more. Any help to places I can learn to secure my box would be great. I am just learning but I will put in the work. Thankyou all for confirming I am being hit. I will be more alert.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.