Intruder attemt on server

• Next message: Flemming Jacobsen: "Re: Intruder attemt on server"
• Previous message: Joachim Bondo: "Søgning i pdf-filer?"
• Next in thread: Flemming Jacobsen: "Re: Intruder attemt on server"
• Reply: Flemming Jacobsen: "Re: Intruder attemt on server"
• Reply: Jakob Breivik Grimstveit: "Re: Intruder attemt on server"
• Reply: Henrik Boegh: "Re: Intruder attemt on server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Date: Sat, 30 Oct 2004 13:31:21 +0200
From: Steffen Frøkjær <none@isfugl--kvaek.dk.lh.bsd-dk.dk>
To: bsd-dk@bsd-dk.dk
Subject: Intruder attemt on server

jeg får med jevnlige mellem rum en mail fra min server "Subject:
fort.kvaek.dk security run output " med noget der minder meget om denne

#quote on#
Checking setuid files and devices:

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

fort.kvaek.dk ipfw denied packets:

>> 03100 528 41184 deny udp from any 137 to any 137
>> 05000 418 126085 deny log ip from any to any

fort.kvaek.dk login failures:
Oct 29 01:45:17 fort sshd[4767]: Failed password for root from
220.70.167.67 port 33372 ssh2
Oct 29 01:45:19 fort sshd[4769]: Failed password for root from
220.70.167.67 port 33447 ssh2
Oct 29 01:45:22 fort sshd[4771]: Failed password for root from
220.70.167.67 port 33522 ssh2
Oct 29 09:07:54 fort sshd[5463]: Failed password for nobody from
61.81.119.132 port 47430 ssh2
Oct 29 09:08:04 fort sshd[5469]: Failed password for root from
61.81.119.132 port 47550 ssh2
Oct 29 09:08:07 fort sshd[5471]: Failed password for root from
61.81.119.132 port 47595 ssh2
Oct 29 09:08:10 fort sshd[5473]: Failed password for root from
61.81.119.132 port 47636 ssh2
Oct 29 09:08:13 fort sshd[5476]: Failed password for root from
61.81.119.132 port 47679 ssh2
Oct 29 09:08:16 fort sshd[5478]: Failed password for root from
61.81.119.132 port 47714 ssh2
Oct 29 09:08:31 fort sshd[5488]: Failed password for www from
61.81.119.132 port 47914 ssh2
Oct 29 09:08:59 fort sshd[5507]: Failed password for operator from
61.81.119.132 port 48283 ssh2
Oct 29 09:09:18 fort sshd[5521]: Failed password for root from
61.81.119.132 port 48527 ssh2
Oct 29 09:09:21 fort sshd[5523]: Failed password for root from
61.81.119.132 port 48566 ssh2
Oct 29 09:09:24 fort sshd[5525]: Failed password for root from
61.81.119.132 port 48605 ssh2
Oct 29 09:09:33 fort sshd[5531]: Failed password for root from
61.81.119.132 port 48723 ssh2
Oct 29 09:09:36 fort sshd[5533]: Failed password for root from
61.81.119.132 port 48761 ssh2
Oct 29 09:09:39 fort sshd[5535]: Failed password for root from
61.81.119.132 port 48797 ssh2
Oct 29 09:09:42 fort sshd[5537]: Failed password for root from
61.81.119.132 port 48834 ssh2
Oct 29 09:09:45 fort sshd[5539]: Failed password for root from
61.81.119.132 port 48874 ssh2
Oct 29 09:09:51 fort sshd[5543]: Failed password for root from
61.81.119.132 port 48951 ssh2
Oct 29 09:09:55 fort sshd[5545]: Failed password for root from
61.81.119.132 port 48991 ssh2
Oct 29 09:09:58 fort sshd[5547]: Failed password for root from
61.81.119.132 port 49028 ssh2
Oct 29 09:10:01 fort sshd[5549]: Failed password for root from
61.81.119.132 port 49070 ssh2
Oct 29 09:10:04 fort sshd[5554]: Failed password for root from
61.81.119.132 port 49108 ssh2
Oct 29 09:10:07 fort sshd[5556]: Failed password for root from
61.81.119.132 port 49146 ssh2
Oct 29 09:10:10 fort sshd[5558]: Failed password for root from
61.81.119.132 port 49185 ssh2
Oct 29 09:10:13 fort sshd[5560]: Failed password for root from
61.81.119.132 port 49222 ssh2
Oct 29 09:10:16 fort sshd[5562]: Failed password for root from
61.81.119.132 port 49266 ssh2
Oct 29 09:10:19 fort sshd[5564]: Failed password for root from
61.81.119.132 port 49303 ssh2
Oct 29 09:10:22 fort sshd[5566]: Failed password for root from
61.81.119.132 port 49338 ssh2
Oct 29 09:10:25 fort sshd[5568]: Failed password for root from
61.81.119.132 port 49381 ssh2
Oct 29 09:10:28 fort sshd[5570]: Failed password for root from
61.81.119.132 port 49422 ssh2
Oct 29 09:10:31 fort sshd[5572]: Failed password for root from
61.81.119.132 port 49459 ssh2
Oct 29 09:10:34 fort sshd[5574]: Failed password for root from
61.81.119.132 port 49498 ssh2
Oct 29 09:10:38 fort sshd[5576]: Failed password for root from
61.81.119.132 port 49540 ssh2
Oct 29 09:10:41 fort sshd[5578]: Failed password for root from
61.81.119.132 port 49582 ssh2
Oct 29 09:10:44 fort sshd[5580]: Failed password for root from
61.81.119.132 port 49619 ssh2
Oct 29 09:10:47 fort sshd[5582]: Failed password for root from
61.81.119.132 port 49659 ssh2
Oct 29 09:10:50 fort sshd[5584]: Failed password for root from
61.81.119.132 port 49696 ssh2
Oct 29 09:10:53 fort sshd[5586]: Failed password for root from
61.81.119.132 port 49739 ssh2
Oct 29 09:10:56 fort sshd[5588]: Failed password for root from
61.81.119.132 port 49777 ssh2
Oct 29 09:10:59 fort sshd[5590]: Failed password for root from
61.81.119.132 port 49814 ssh2
Oct 29 09:11:02 fort sshd[5592]: Failed password for root from
61.81.119.132 port 49855 ssh2
Oct 29 09:11:05 fort sshd[5594]: Failed password for root from
61.81.119.132 port 49893 ssh2
Oct 29 09:11:08 fort sshd[5596]: Failed password for root from
61.81.119.132 port 49932 ssh2
Oct 29 09:11:11 fort sshd[5598]: Failed password for root from
61.81.119.132 port 49974 ssh2
Oct 29 09:11:14 fort sshd[5600]: Failed password for root from
61.81.119.132 port 50013 ssh2
Oct 29 09:11:17 fort sshd[5602]: Failed password for root from
61.81.119.132 port 50053 ssh2
Oct 29 09:11:20 fort sshd[5604]: Failed password for root from
61.81.119.132 port 50087 ssh2
Oct 29 09:11:23 fort sshd[5606]: Failed password for root from
61.81.119.132 port 50125 ssh2
Oct 29 09:11:26 fort sshd[5608]: Failed password for root from
61.81.119.132 port 50159 ssh2
Oct 29 09:11:29 fort sshd[5610]: Failed password for root from
61.81.119.132 port 50198 ssh2
Oct 29 09:11:32 fort sshd[5612]: Failed password for root from
61.81.119.132 port 50237 ssh2
Oct 29 09:11:35 fort sshd[5614]: Failed password for root from
61.81.119.132 port 50278 ssh2
Oct 29 09:11:39 fort sshd[5616]: Failed password for root from
61.81.119.132 port 50312 ssh2
Oct 29 09:11:48 fort sshd[5622]: Failed password for root from
61.81.119.132 port 50428 ssh2
Oct 29 09:11:54 fort sshd[5626]: Failed password for root from
61.81.119.132 port 50502 ssh2
Oct 29 09:11:57 fort sshd[5628]: Failed password for root from
61.81.119.132 port 50536 ssh2
Oct 29 09:12:00 fort sshd[5630]: Failed password for root from
61.81.119.132 port 51018 ssh2
Oct 29 09:12:03 fort sshd[5632]: Failed password for root from
61.81.119.132 port 51504 ssh2
Oct 29 09:12:26 fort sshd[5648]: Failed password for oracle from
61.81.119.132 port 53689 ssh2
Oct 29 09:13:01 fort sshd[5672]: Failed password for root from
61.81.119.132 port 57410 ssh2
Oct 29 09:13:04 fort sshd[5674]: Failed password for root from
61.81.119.132 port 57835 ssh2
Oct 29 09:13:07 fort sshd[5676]: Failed password for root from
61.81.119.132 port 58229 ssh2
Oct 29 09:13:10 fort sshd[5678]: Failed password for root from
61.81.119.132 port 58426 ssh2
Oct 29 09:13:13 fort sshd[5680]: Failed password for root from
61.81.119.132 port 58799 ssh2

fort.kvaek.dk refused connections:

-- End of security output --

#qoute off#

har man nogen mulighed for at undgå noget sådan ? eller har man nogen
mulighed for at komme efter vedkommende?

--
Steffen Frøkjær

• Next message: Flemming Jacobsen: "Re: Intruder attemt on server"
• Previous message: Joachim Bondo: "Søgning i pdf-filer?"
• Next in thread: Flemming Jacobsen: "Re: Intruder attemt on server"
• Reply: Flemming Jacobsen: "Re: Intruder attemt on server"
• Reply: Jakob Breivik Grimstveit: "Re: Intruder attemt on server"
• Reply: Henrik Boegh: "Re: Intruder attemt on server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:44 CET