illegal user root user failed login attempts
J65nko BSD
j65nko at gmail.com
Tue Apr 26 03:45:55 PDT 2005
On 4/26/05, Peter Kropholler <zen31722 at zen.co.uk> wrote:
> I run a server at home on port 22.
> There are loads of illegal user attempts to login
> every few days. As its at home I protect myself
> by having only one user on the sshd AllowUsers
> list and with a very strong password and no
> admin/sysman priveleges.
>
> So essentially every failed login attempt is illegal.
>
> Is there any way to actually record what passwords
> the hackers' scripts are trying? I am just really intrigued
> to know what they are thinking might work.
>
> I realize that it's not normally appropriate to log people's
> passwords but in my case I am literally the only user
> who will ever legitimately login to my machine
> ______________________________
Moving your ssh port away from port 22 seems to stop these attempts.
These logons seem to come from cracked Linux boxes. This issue has
been discussed quite a lot on this list.
For a non-list discussion, see
http://www.freebsdforums.org/forums/showthread.php?s=&threadid=27683
=Adriaan=
More information about the freebsd-questions
mailing list