[kwlug-disc] Identify this exploit?
Khalid Baheyeldin
kb at 2bits.com
Sun Dec 29 11:06:16 EST 2019
Here is an example from the scary internet ...
>From today's logs of a server I manage (via logwatch):
Failed logins from:
92.246.17.5: 1 time
95.88.219.197 (ip5f58dbc5.dynamic.kabel-deutschland.de): 1 time
153.126.166.203 (ik1-319-19699.vs.sakura.ne.jp): 1 time
Illegal users from:
undef: 3 times
12.22.203.226: 1 time
63.142.97.181 (63-142-97-63-142-97-181.cpe.sparklight.net): 1 time
92.246.17.5: 2 times
97.84.76.88 (97-84-76-88.dhcp.snlo.ca.charter.com): 1 time
115.160.163.195: 2 times
142.4.208.131 (ns502558.ip-142-4-208.net): 1 time
153.126.141.19 (ik1-306-13265.vs.sakura.ne.jp): 1 time
These are all ssh login attempts from various IP addresses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20191229/1ae8f365/attachment.htm>
More information about the kwlug-disc
mailing list