Date: Tue, 26 Apr 2005 12:45:54 +0200 From: J65nko BSD <j65nko@gmail.com> To: Peter Kropholler <zen31722@zen.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: illegal user root user failed login attempts Message-ID: <19861fba05042603456626a817@mail.gmail.com> In-Reply-To: <ec0b1e25b6de0216c5744ed8d40d560c@zen.co.uk> References: <ec0b1e25b6de0216c5744ed8d40d560c@zen.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/26/05, Peter Kropholler <zen31722@zen.co.uk> wrote: > I run a server at home on port 22. > There are loads of illegal user attempts to login > every few days. As its at home I protect myself > by having only one user on the sshd AllowUsers > list and with a very strong password and no > admin/sysman priveleges. >=20 > So essentially every failed login attempt is illegal. >=20 > Is there any way to actually record what passwords > the hackers' scripts are trying? I am just really intrigued > to know what they are thinking might work. >=20 > I realize that it's not normally appropriate to log people's > passwords but in my case I am literally the only user > who will ever legitimately login to my machine > ______________________________ Moving your ssh port away from port 22 seems to stop these attempts. These logons seem to come from cracked Linux boxes. This issue has been discussed quite a lot on this list. For a non-list discussion, see http://www.freebsdforums.org/forums/showthread.php?s=3D&threadid=3D27683 =3DAdriaan=3D
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19861fba05042603456626a817>