[conspire] Ongoing dictionary attacks on SSH daemons
Daniel Gimpelevich
daniel at gimpelevich.san-francisco.ca.us
Fri Oct 1 10:37:59 PDT 2004
Gee, and when I got attacked, the only thing that appeared in the log was:
Sep 11 06:02:50 localhost sshd[13185]: fatal: Timeout before authentication for 212.48.164.71.
On Fri, 01 Oct 2004 11:27:09 -0700, Rick Moen wrote:
> Those of you running SSH daemons, be aware that there have been BIG
> sets of "dictionary attacks" on SSH servers all over the world, going
> on for the last couple of weeks. Someone has a large number of machines
> trying plausible user/password combinations on found SSH servers,
> seeing if there is any easily entrance. (All it takes is one.)
>
> You may wish to consider disabling password authentication and using
> only SSH keypairs, as well as restricting which IPs are allowed to
> connect for inbound SSH.
>
> Also worth considering is sshd-sentry:
> http://linuxmafia.com/pub/linux/security/ssh-dictionary-attack-blacklist
>
> Script and explanatory e-mail by Victor Danilchenko to monitor the sshd
> logs, detect repeated failed login attempts, notify the sysadmin of such
> attempts via e-mail, and blacklist hosts whence such attempts
> originated. Perl script. Licence terms for the script ("sshd-sentry")
> are unstated.
>
> (I'm writing to Danilchenko to ask if he'll open-source it.)
>
>
> ----- Forwarded message from logcheck at linuxmafia.com -----
>
> To: root at linuxmafia.com
> Subject: linuxmafia 2004-10-01 10:02 Security Events
> From: logcheck at linuxmafia.com
> Date: Fri, 01 Oct 2004 10:02:10 -0700
>
> Security Events
> =-=-=-=-=-=-=-=
> Oct 1 09:17:36 linuxmafia sshd[13515]: Failed password for nobody from 195.27.7.130 port 45280 ssh2
> Oct 1 09:17:38 linuxmafia sshd[13519]: Failed password for illegal user patrick from 195.27.7.130 port 45334 ssh2
> Oct 1 09:17:39 linuxmafia sshd[13521]: Failed password for illegal user patrick from 195.27.7.130 port 45374 ssh2
> Oct 1 09:17:41 linuxmafia sshd[13523]: Failed password for root from 195.27.7.130 port 45407 ssh2
> Oct 1 09:17:44 linuxmafia sshd[13525]: Failed password for root from 195.27.7.130 port 45448 ssh2
> Oct 1 09:17:47 linuxmafia sshd[13527]: Failed password for root from 195.27.7.130 port 45491 ssh2
> Oct 1 09:17:49 linuxmafia sshd[13533]: Failed password for root from 195.27.7.130 port 45552 ssh2
> Oct 1 09:17:51 linuxmafia sshd[13535]: Failed password for root from 195.27.7.130 port 45590 ssh2
> Oct 1 09:17:52 linuxmafia sshd[13537]: Failed password for illegal user rolo from 195.27.7.130 port 45622 ssh2
> Oct 1 09:17:54 linuxmafia sshd[13539]: Failed password for illegal user iceuser from 195.27.7.130 port 45659 ssh2
> Oct 1 09:17:56 linuxmafia sshd[13541]: Failed password for illegal user horde from 195.27.7.130 port 45694 ssh2
> Oct 1 09:17:58 linuxmafia sshd[13543]: Failed password for illegal user cyrus from 195.27.7.130 port 45732 ssh2
> Oct 1 09:18:00 linuxmafia sshd[13545]: Failed password for illegal user www from 195.27.7.130 port 45764 ssh2
> Oct 1 09:18:02 linuxmafia sshd[13547]: Failed password for illegal user wwwrun from 195.27.7.130 port 45802 ssh2
> Oct 1 09:18:05 linuxmafia sshd[13551]: Failed password for illegal user matt from 195.27.7.130 port 45851 ssh2
> Oct 1 09:18:07 linuxmafia sshd[13554]: Failed password for illegal user test from 195.27.7.130 port 45896 ssh2
> Oct 1 09:18:08 linuxmafia sshd[13556]: Failed password for illegal user test from 195.27.7.130 port 45937 ssh2
> Oct 1 09:18:11 linuxmafia sshd[13558]: Failed password for illegal user test from 195.27.7.130 port 45971 ssh2
> Oct 1 09:18:13 linuxmafia sshd[13562]: Failed password for illegal user test from 195.27.7.130 port 46027 ssh2
> Oct 1 09:18:15 linuxmafia sshd[13564]: Failed password for www-data from 195.27.7.130 port 46059 ssh2
> Oct 1 09:18:17 linuxmafia sshd[13566]: Failed password for mysql from 195.27.7.130 port 46097 ssh2
> Oct 1 09:18:19 linuxmafia sshd[13568]: Failed password for operator from 195.27.7.130 port 46133 ssh2
> Oct 1 09:18:22 linuxmafia sshd[13570]: Failed password for illegal user adm from 195.27.7.130 port 46164 ssh2
> Oct 1 09:18:24 linuxmafia sshd[13572]: Failed password for illegal user apache from 195.27.7.130 port 46223 ssh2
> Oct 1 09:18:26 linuxmafia sshd[13574]: Failed password for irc from 195.27.7.130 port 46265 ssh2
> Oct 1 09:18:29 linuxmafia sshd[13576]: Failed password for irc from 195.27.7.130 port 46298 ssh2
> Oct 1 09:18:31 linuxmafia sshd[13578]: Failed password for illegal user adm from 195.27.7.130 port 46351 ssh2
> Oct 1 09:18:33 linuxmafia sshd[13580]: Failed password for root from 195.27.7.130 port 46384 ssh2
> Oct 1 09:18:35 linuxmafia sshd[13582]: Failed password for root from 195.27.7.130 port 46418 ssh2
> Oct 1 09:18:37 linuxmafia sshd[13584]: Failed password for root from 195.27.7.130 port 46473 ssh2
> Oct 1 09:18:39 linuxmafia sshd[13586]: Failed password for illegal user jane from 195.27.7.130 port 46506 ssh2
> Oct 1 09:18:41 linuxmafia sshd[13588]: Failed password for illegal user pamela from 195.27.7.130 port 46537 ssh2
> Oct 1 09:18:44 linuxmafia sshd[13592]: Failed password for root from 195.27.7.130 port 46578 ssh2
> Oct 1 09:18:46 linuxmafia sshd[13594]: Failed password for root from 195.27.7.130 port 46625 ssh2
> Oct 1 09:18:48 linuxmafia sshd[13596]: Failed password for root from 195.27.7.130 port 46665 ssh2
> Oct 1 09:18:50 linuxmafia sshd[13598]: Failed password for root from 195.27.7.130 port 46696 ssh2
> Oct 1 09:18:52 linuxmafia sshd[13600]: Failed password for root from 195.27.7.130 port 46729 ssh2
> Oct 1 09:18:54 linuxmafia sshd[13602]: Failed password for illegal user cosmin from 195.27.7.130 port 46763 ssh2
> Oct 1 09:18:56 linuxmafia sshd[13605]: Failed password for root from 195.27.7.130 port 46807 ssh2
> Oct 1 09:18:58 linuxmafia sshd[13607]: Failed password for root from 195.27.7.130 port 46842 ssh2
> Oct 1 09:19:00 linuxmafia sshd[13611]: Failed password for root from 195.27.7.130 port 46877 ssh2
> Oct 1 09:19:01 linuxmafia sshd[13613]: Failed password for root from 195.27.7.130 port 46912 ssh2
> Oct 1 09:19:03 linuxmafia sshd[13615]: Failed password for root from 195.27.7.130 port 46952 ssh2
> Oct 1 09:19:05 linuxmafia sshd[13617]: Failed password for root from 195.27.7.130 port 46989 ssh2
> Oct 1 09:19:07 linuxmafia sshd[13619]: Failed password for root from 195.27.7.130 port 47026 ssh2
> Oct 1 09:19:09 linuxmafia sshd[13621]: Failed password for root from 195.27.7.130 port 47059 ssh2
> Oct 1 09:19:11 linuxmafia sshd[13627]: Failed password for root from 195.27.7.130 port 47098 ssh2
> Oct 1 09:19:13 linuxmafia sshd[13629]: Failed password for root from 195.27.7.130 port 47135 ssh2
> Oct 1 09:19:15 linuxmafia sshd[13631]: Failed password for root from 195.27.7.130 port 47170 ssh2
> Oct 1 09:19:16 linuxmafia sshd[13633]: Failed password for root from 195.27.7.130 port 47207 ssh2
> Oct 1 09:19:18 linuxmafia sshd[13635]: Failed password for root from 195.27.7.130 port 47242 ssh2
> Oct 1 09:19:20 linuxmafia sshd[13637]: Failed password for root from 195.27.7.130 port 47279 ssh2
> Oct 1 09:19:22 linuxmafia sshd[13643]: Failed password for root from 195.27.7.130 port 47315 ssh2
> Oct 1 09:19:25 linuxmafia sshd[13645]: Failed password for root from 195.27.7.130 port 47353 ssh2
> Oct 1 09:19:27 linuxmafia sshd[13648]: Failed password for root from 195.27.7.130 port 47417 ssh2
> Oct 1 09:19:29 linuxmafia sshd[13650]: Failed password for root from 195.27.7.130 port 47455 ssh2
> Oct 1 09:19:31 linuxmafia sshd[13652]: Failed password for root from 195.27.7.130 port 47492 ssh2
> Oct 1 09:19:33 linuxmafia sshd[13654]: Failed password for root from 195.27.7.130 port 47532 ssh2
> Oct 1 09:19:35 linuxmafia sshd[13657]: Failed password for root from 195.27.7.130 port 47567 ssh2
> Oct 1 09:19:37 linuxmafia sshd[13659]: Failed password for root from 195.27.7.130 port 47602 ssh2
> Oct 1 09:19:39 linuxmafia sshd[13662]: Failed password for root from 195.27.7.130 port 47641 ssh2
> Oct 1 09:19:41 linuxmafia sshd[13664]: Failed password for root from 195.27.7.130 port 47675 ssh2
> Oct 1 09:19:42 linuxmafia sshd[13666]: Failed password for root from 195.27.7.130 port 47709 ssh2
> Oct 1 09:19:44 linuxmafia sshd[13668]: Failed password for root from 195.27.7.130 port 47748 ssh2
> Oct 1 09:19:46 linuxmafia sshd[13670]: Failed password for root from 195.27.7.130 port 47786 ssh2
> Oct 1 09:19:48 linuxmafia sshd[13672]: Failed password for root from 195.27.7.130 port 47824 ssh2
> Oct 1 09:19:50 linuxmafia sshd[13674]: Failed password for root from 195.27.7.130 port 47856 ssh2
> Oct 1 09:19:52 linuxmafia sshd[13676]: Failed password for root from 195.27.7.130 port 47892 ssh2
> Oct 1 09:19:54 linuxmafia sshd[13678]: Failed password for root from 195.27.7.130 port 47929 ssh2
> Oct 1 09:19:56 linuxmafia sshd[13680]: Failed password for root from 195.27.7.130 port 47963 ssh2
> Oct 1 09:19:57 linuxmafia sshd[13682]: Failed password for root from 195.27.7.130 port 48000 ssh2
> Oct 1 09:19:59 linuxmafia sshd[13684]: Failed password for root from 195.27.7.130 port 48030 ssh2
> Oct 1 09:20:01 linuxmafia sshd[13686]: Failed password for root from 195.27.7.130 port 48063 ssh2
> Oct 1 09:20:04 linuxmafia sshd[13695]: Failed password for root from 195.27.7.130 port 48103 ssh2
> Oct 1 09:20:06 linuxmafia sshd[13697]: Failed password for illegal user cip52 from 195.27.7.130 port 48140 ssh2
> Oct 1 09:20:07 linuxmafia sshd[13699]: Failed password for illegal user cip51 from 195.27.7.130 port 48177 ssh2
> Oct 1 09:20:10 linuxmafia sshd[13701]: Failed password for root from 195.27.7.130 port 48209 ssh2
> Oct 1 09:20:12 linuxmafia sshd[13705]: Failed password for illegal user noc from 195.27.7.130 port 48261 ssh2
> Oct 1 09:20:14 linuxmafia sshd[13709]: Failed password for root from 195.27.7.130 port 48297 ssh2
> Oct 1 09:20:16 linuxmafia sshd[13713]: Failed password for root from 195.27.7.130 port 48329 ssh2
> Oct 1 09:20:18 linuxmafia sshd[13718]: Failed password for root from 195.27.7.130 port 48364 ssh2
> Oct 1 09:20:20 linuxmafia sshd[13720]: Failed password for root from 195.27.7.130 port 48394 ssh2
> Oct 1 09:20:22 linuxmafia sshd[13722]: Failed password for illegal user webmaster from 195.27.7.130 port 48434 ssh2
> Oct 1 09:20:23 linuxmafia sshd[13724]: Failed password for illegal user data from 195.27.7.130 port 48462 ssh2
> Oct 1 09:20:25 linuxmafia sshd[13726]: Failed password for illegal user user from 195.27.7.130 port 48494 ssh2
> Oct 1 09:20:27 linuxmafia sshd[13728]: Failed password for illegal user user from 195.27.7.130 port 48527 ssh2
> Oct 1 09:20:29 linuxmafia sshd[13730]: Failed password for illegal user user from 195.27.7.130 port 48559 ssh2
> Oct 1 09:20:31 linuxmafia sshd[13734]: Failed password for illegal user web from 195.27.7.130 port 48595 ssh2
> Oct 1 09:20:33 linuxmafia sshd[13736]: Failed password for illegal user web from 195.27.7.130 port 48626 ssh2
> Oct 1 09:20:35 linuxmafia sshd[13738]: Failed password for illegal user oracle from 195.27.7.130 port 48656 ssh2
> Oct 1 09:20:39 linuxmafia sshd[13742]: Failed password for illegal user sybase from 195.27.7.130 port 48697 ssh2
> Oct 1 09:20:41 linuxmafia sshd[13744]: Failed password for illegal user master from 195.27.7.130 port 48757 ssh2
> Oct 1 09:20:42 linuxmafia sshd[13748]: Failed password for illegal user account from 195.27.7.130 port 48793 ssh2
> Oct 1 09:20:44 linuxmafia sshd[13750]: Failed password for backup from 195.27.7.130 port 48823 ssh2
> Oct 1 09:20:46 linuxmafia sshd[13752]: Failed password for illegal user server from 195.27.7.130 port 48861 ssh2
> Oct 1 09:20:48 linuxmafia sshd[13754]: Failed password for illegal user adam from 195.27.7.130 port 48886 ssh2
> Oct 1 09:20:51 linuxmafia sshd[13756]: Failed password for illegal user alan from 195.27.7.130 port 48923 ssh2
> Oct 1 09:20:56 linuxmafia sshd[13758]: Failed password for illegal user frank from 195.27.7.130 port 48981 ssh2
> Oct 1 09:20:58 linuxmafia sshd[13760]: Failed password for illegal user george from 195.27.7.130 port 49061 ssh2
> Oct 1 09:21:00 linuxmafia sshd[13762]: Failed password for illegal user henry from 195.27.7.130 port 49093 ssh2
> Oct 1 09:21:02 linuxmafia sshd[13766]: Failed password for illegal user john from 195.27.7.130 port 49132 ssh2
> Oct 1 09:21:07 linuxmafia sshd[13768]: Failed password for root from 195.27.7.130 port 49163 ssh2
> Oct 1 09:21:09 linuxmafia sshd[13770]: Failed password for root from 195.27.7.130 port 49249 ssh2
> Oct 1 09:21:11 linuxmafia sshd[13772]: Failed password for root from 195.27.7.130 port 49282 ssh2
> Oct 1 09:21:13 linuxmafia sshd[13774]: Failed password for root from 195.27.7.130 port 49321 ssh2
> Oct 1 09:21:15 linuxmafia sshd[13776]: Failed password for root from 195.27.7.130 port 49362 ssh2
> Oct 1 09:21:20 linuxmafia sshd[13779]: Failed password for illegal user test from 195.27.7.130 port 49399 ssh2
>
> System Events
> =-=-=-=-=-=-=
> Oct 1 09:10:53 linuxmafia sshd[13456]: Did not receive identification string from 195.27.7.130
> Oct 1 09:17:37 linuxmafia sshd[13519]: Illegal user patrick from 195.27.7.130
> Oct 1 09:17:38 linuxmafia sshd[13519]: error: Could not get shadow information for NOUSER
> Oct 1 09:17:39 linuxmafia sshd[13521]: Illegal user patrick from 195.27.7.130
> Oct 1 09:17:39 linuxmafia sshd[13521]: error: Could not get shadow information for NOUSER
> Oct 1 09:17:52 linuxmafia sshd[13537]: Illegal user rolo from 195.27.7.130
> Oct 1 09:17:52 linuxmafia sshd[13537]: error: Could not get shadow information for NOUSER
> Oct 1 09:17:54 linuxmafia sshd[13539]: Illegal user iceuser from 195.27.7.130
> Oct 1 09:17:54 linuxmafia sshd[13539]: error: Could not get shadow information for NOUSER
> Oct 1 09:17:56 linuxmafia sshd[13541]: Illegal user horde from 195.27.7.130
> Oct 1 09:17:56 linuxmafia sshd[13541]: error: Could not get shadow information for NOUSER
> Oct 1 09:17:58 linuxmafia sshd[13543]: Illegal user cyrus from 195.27.7.130
> Oct 1 09:17:58 linuxmafia sshd[13543]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:00 linuxmafia sshd[13545]: Illegal user www from 195.27.7.130
> Oct 1 09:18:00 linuxmafia sshd[13545]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:02 linuxmafia sshd[13547]: Illegal user wwwrun from 195.27.7.130
> Oct 1 09:18:02 linuxmafia sshd[13547]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:05 linuxmafia sshd[13551]: Illegal user matt from 195.27.7.130
> Oct 1 09:18:05 linuxmafia sshd[13551]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:06 linuxmafia sshd[13554]: Illegal user test from 195.27.7.130
> Oct 1 09:18:07 linuxmafia sshd[13554]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:08 linuxmafia sshd[13556]: Illegal user test from 195.27.7.130
> Oct 1 09:18:08 linuxmafia sshd[13556]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:10 linuxmafia sshd[13558]: Illegal user test from 195.27.7.130
> Oct 1 09:18:11 linuxmafia sshd[13558]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:13 linuxmafia sshd[13562]: Illegal user test from 195.27.7.130
> Oct 1 09:18:13 linuxmafia sshd[13562]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:22 linuxmafia sshd[13570]: Illegal user adm from 195.27.7.130
> Oct 1 09:18:22 linuxmafia sshd[13570]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:24 linuxmafia sshd[13572]: Illegal user apache from 195.27.7.130
> Oct 1 09:18:24 linuxmafia sshd[13572]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:31 linuxmafia sshd[13578]: Illegal user adm from 195.27.7.130
> Oct 1 09:18:31 linuxmafia sshd[13578]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:39 linuxmafia sshd[13586]: Illegal user jane from 195.27.7.130
> Oct 1 09:18:39 linuxmafia sshd[13586]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:41 linuxmafia sshd[13588]: Illegal user pamela from 195.27.7.130
> Oct 1 09:18:41 linuxmafia sshd[13588]: error: Could not get shadow information for NOUSER
> Oct 1 09:18:54 linuxmafia sshd[13602]: Illegal user cosmin from 195.27.7.130
> Oct 1 09:18:54 linuxmafia sshd[13602]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:05 linuxmafia sshd[13697]: Illegal user cip52 from 195.27.7.130
> Oct 1 09:20:06 linuxmafia sshd[13697]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:07 linuxmafia sshd[13699]: Illegal user cip51 from 195.27.7.130
> Oct 1 09:20:07 linuxmafia sshd[13699]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:12 linuxmafia sshd[13705]: Illegal user noc from 195.27.7.130
> Oct 1 09:20:12 linuxmafia sshd[13705]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:21 linuxmafia sshd[13722]: Illegal user webmaster from 195.27.7.130
> Oct 1 09:20:22 linuxmafia sshd[13722]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:23 linuxmafia sshd[13724]: Illegal user data from 195.27.7.130
> Oct 1 09:20:23 linuxmafia sshd[13724]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:25 linuxmafia sshd[13726]: Illegal user user from 195.27.7.130
> Oct 1 09:20:25 linuxmafia sshd[13726]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:27 linuxmafia sshd[13728]: Illegal user user from 195.27.7.130
> Oct 1 09:20:27 linuxmafia sshd[13728]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:29 linuxmafia sshd[13730]: Illegal user user from 195.27.7.130
> Oct 1 09:20:29 linuxmafia sshd[13730]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:31 linuxmafia sshd[13734]: Illegal user web from 195.27.7.130
> Oct 1 09:20:31 linuxmafia sshd[13734]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:33 linuxmafia sshd[13736]: Illegal user web from 195.27.7.130
> Oct 1 09:20:33 linuxmafia sshd[13736]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:34 linuxmafia sshd[13738]: Illegal user oracle from 195.27.7.130
> Oct 1 09:20:35 linuxmafia sshd[13738]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:39 linuxmafia sshd[13742]: Illegal user sybase from 195.27.7.130
> Oct 1 09:20:39 linuxmafia sshd[13742]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:40 linuxmafia sshd[13744]: Illegal user master from 195.27.7.130
> Oct 1 09:20:41 linuxmafia sshd[13744]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:42 linuxmafia sshd[13748]: Illegal user account from 195.27.7.130
> Oct 1 09:20:42 linuxmafia sshd[13748]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:46 linuxmafia sshd[13752]: Illegal user server from 195.27.7.130
> Oct 1 09:20:46 linuxmafia sshd[13752]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:48 linuxmafia sshd[13754]: Illegal user adam from 195.27.7.130
> Oct 1 09:20:48 linuxmafia sshd[13754]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:51 linuxmafia sshd[13756]: Illegal user alan from 195.27.7.130
> Oct 1 09:20:51 linuxmafia sshd[13756]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:56 linuxmafia sshd[13758]: Illegal user frank from 195.27.7.130
> Oct 1 09:20:56 linuxmafia sshd[13758]: error: Could not get shadow information for NOUSER
> Oct 1 09:20:58 linuxmafia sshd[13760]: Illegal user george from 195.27.7.130
> Oct 1 09:20:58 linuxmafia sshd[13760]: error: Could not get shadow information for NOUSER
> Oct 1 09:21:00 linuxmafia sshd[13762]: Illegal user henry from 195.27.7.130
> Oct 1 09:21:00 linuxmafia sshd[13762]: error: Could not get shadow information for NOUSER
> Oct 1 09:21:02 linuxmafia sshd[13766]: Illegal user john from 195.27.7.130
> Oct 1 09:21:02 linuxmafia sshd[13766]: error: Could not get shadow information for NOUSER
> Oct 1 09:21:19 linuxmafia sshd[13779]: Illegal user test from 195.27.7.130
> Oct 1 09:21:20 linuxmafia sshd[13779]: error: Could not get shadow information for NOUSER
> Oct 1 09:49:59 linuxmafia sshd[14198]: Bad protocol version identification 'CONNECT 82.96.96.3:802 HTTP/1.0' from 82.96.96.3
> Oct 1 09:49:59 linuxmafia sshd[14199]: Bad protocol version identification 'cisco' from 82.96.96.3
> Oct 1 09:49:59 linuxmafia sshd[14200]: Bad protocol version identification '82.96.96.3:802' from 82.96.96.3
>
>
> ----- End forwarded message -----
More information about the conspire
mailing list