sequences in the auth.log
Peter C. Lai
sirmoo at cowbert.net
Fri Aug 13 11:33:10 PDT 2004
On Fri, Aug 13, 2004 at 04:14:29PM +0200, Mohacsi Janos wrote:
> Hi Sandor,
> You don't have to worry, unless you have user 'test', 'guest',
> 'admin', 'root' with poor password: typically same or very similar to your
> accountname. There seems to be a script around the hackers to scan SSH and
> gain access to poorly configured servers.... Unfortunately they are plenty
> of badly configured servers. May be you should disable root access via SSH
> password (only via keys).
Disabling root login via ssh will still cause 'failed password' entries in
syslog. (on openssh 3.7 anyway)
--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/
More information about the freebsd-security
mailing list