sâmbătă, 1 mai 2010

login failed



Ce se mai întîmplă cînd pornesc mașina linux fără firewall și cu o grămadă de servere de test rulînd?Mai nimic,decît niște oameni ( de fapt niște programe automate ) care vor neapărat să intre pe contul de administrator sau să trimită mailuri de pe calculatorul meu sau cine știe ce lucruri dubioase ! :) :)  Poți să fi sigur că și pe calculatorul tău se întîmplă cam la fel-chiar dacă ai windows!  


May 1 15:22:09  sshd[6553]: Did not receive identification string from 200.164.137.102
 May 1 15:24:26  sshd[6556]: Invalid user admin from 200.164.137.102
 May 1 15:24:26  sshd[6556]: pam_unix(sshd:auth): check pass; user unknown
 May 1 15:24:26  sshd[6556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.164.137.102
 May 1 15:24:28  sshd[6556]: Failed password for invalid user admin from 200.164.137.102 port 18708 ssh2





Apr 30 13:39:03  sshd[7743]: Failed password for root from 118.36.130.205 port 45970 ssh2
 Apr 30 13:39:06  sshd[7752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:08  sshd[7752]: Failed password for root from 118.36.130.205 port 46291 ssh2
 Apr 30 13:39:11  sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:13  sshd[7754]: Failed password for root from 118.36.130.205 port 46603 ssh2
 Apr 30 13:39:16  sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:17  sshd[7756]: Failed password for root from 118.36.130.205 port 46936 ssh2





Apr 27 21:19:13  sshd[14408]: Did not receive identification string from 190.12.89.184
 Apr 27 21:21:27  sshd[14419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.12.89.184 user=root
 Apr 27 21:21:28  sshd[14419]: Failed password for root from 190.12.89.184 port 37776 ssh2
 Apr 27 21:21:35  sshd[14424]: Invalid user fluffy from 190.12.89.184
 Apr 27 21:21:35  sshd[14424]: pam_unix(sshd:auth): check pass; user unknown
 Apr 27 21:21:35  sshd[14424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.12.89.184
 Apr 27 21:21:37  sshd[14424]: Failed password for invalid user fluffy from 190.12.89.184 port 37821 ssh2
 Apr 27 21:21:45  sshd[14426]: Invalid user admin from 190.12.89.184
 Apr 27 21:21:46  sshd[14426]: pam_unix(sshd:auth): check pass; user unknown
 Apr 27 21:21:46  sshd[14426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.12.89.184
 Apr 27 21:21:47  sshd[14426]: Failed password for invalid user admin from 190.12.89.184 port 39715 ssh2
 Apr 27 21:21:59  sshd[14428]: Invalid user test from 190.12.89.184





Apr 29 15:39:37  sshd[7589]: reverse mapping checking getaddrinfo for mailserver.tesync.tv [123.176.41.150] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr 29 15:39:37  sshd[7590]: reverse mapping checking getaddrinfo for mailserver.tesync.tv [123.176.41.150] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr 29 15:39:37  sshd[7590]: Invalid user marine from 123.176.41.150
Apr 29 15:39:37  sshd[7589]: Invalid user globus from 123.176.41.150
Apr 29 15:39:37  sshd[7590]: pam_unix(sshd:auth): check pass; user unknown
Apr 29 15:39:37  sshd[7590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.176.41.150 
Apr 29 15:39:37  sshd[7589]: pam_unix(sshd:auth): check pass; user unknown
Apr 29 15:39:37  sshd[7589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.176.41.150 
Apr 29 15:39:39  sshd[7590]: Failed password for invalid user marine from 123.176.41.150 port 41283 ssh2
Apr 29 15:39:39  sshd[7589]: Failed password for invalid user globus from 123.176.41.150 port 40889 ssh2
Apr 29 15:39:42  sshd[7594]: reverse mapping checking getaddrinfo for mailserver.tesync.tv [123.176.41.150] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr 29 15:39:42  sshd[7594]: Invalid user marine from 123.176.41.150
Apr 29 15:39:42  sshd[7594]: pam_unix(sshd:auth): check pass; user unknown
Apr 29 15:39:42  sshd[7594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.176.41.150 
Apr 29 15:39:43  sshd[7593]: reverse mapping checking getaddrinfo for mailserver.tesync.tv [123.176.41.150] failed - POSSIBLE BREAK-IN ATTEMPT!
Apr 29 15:39:43  sshd[7593]: Invalid user condor from 123.176.41.150


Apr 30 12:48:20 sshd[6509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:22 sshd[6509]: Failed password for root from 70.88.230.126 port 33944 ssh2
Apr 30 12:48:23 sshd[6511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:25 sshd[6511]: Failed password for root from 70.88.230.126 port 34845 ssh2
Apr 30 12:48:27 sshd[6513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:29 sshd[6513]: Failed password for root from 70.88.230.126 port 35836 ssh2
Apr 30 12:48:30 sshd[6515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.cApr 30 13:39:03 luc sshd[7743]: Failed password for root from 118.36.130.205 port 45970 ssh2
 Apr 30 13:39:06  sshd[7752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:08  sshd[7752]: Failed password for root from 118.36.130.205 port 46291 ssh2
 Apr 30 13:39:11  sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:13  sshd[7754]: Failed password for root from 118.36.130.205 port 46603 ssh2
 Apr 30 13:39:16  sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.130.205 user=root
 Apr 30 13:39:17  sshd[7756]: Failed password for root from 118.36.130.205 port 46936 ssh2
omcastbusiness.net user=root
Apr 30 12:48:33 sshd[6515]: Failed password for root from 70.88.230.126 port 36827 ssh2
Apr 30 12:48:34 sshd[6517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:36 sshd[6517]: Failed password for root from 70.88.230.126 port 37845 ssh2
Apr 30 12:48:37 sshd[6519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:39 sshd[6519]: Failed password for root from 70.88.230.126 port 38804 ssh2
Apr 30 12:48:41 sshd[6521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root
Apr 30 12:48:43 sshd[6521]: Failed password for root from 70.88.230.126 port 39811 ssh2
Apr 30 12:48:44 sshd[6523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70-88-230-126-smc-md.hfc.comcastbusiness.net user=root

May 1 16:45:18  sshd[11889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88-158-153-74.asconet.ro
May 1 16:45:20  sshd[11889]: Failed password for invalid user gnavarrete from 88.158.153.74 port 52462 ssh2
May 1 16:45:22  sshd[11891]: Invalid user gramos from 88.158.153.74
May 1 16:45:22  sshd[11891]: pam_unix(sshd:auth): check pass; user unknown
May 1 16:45:22  sshd[11891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88-158-153-74.asconet.ro
May 1 16:45:24  sshd[11891]: Failed password for invalid user gramos from 88.158.153.74 port 52933 ssh2
May 1 16:45:25  sshd[11893]: Invalid user hrodriguez from 88.158.153.74
May 1 16:45:25  sshd[11893]: pam_unix(sshd:auth): check pass; user unknown
May 1 16:45:25  sshd[11893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88-158-153-74.asconet.ro
May 1 16:45:27  sshd[11893]: Failed password for invalid user hrodriguez from 88.158.153.74 port 53334 ssh2
May 1 16:45:29  sshd[11896]: Invalid user informatica from 88.158.153.74
May 1 16:45:29  sshd[11896]: pam_unix(sshd:auth): check pass; user unknown
May 1 16:45:29  sshd[11896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88-158-153-74.asconet.ro
May 1 16:45:31  sshd[11896]: Failed password for invalid user informatica from 88.158.153.74 port 53711 ssh2
May 1 16:45:33  sshd[11898]: Invalid user inter from 88.158.153.74
May 1 16:45:33  sshd[11898]: pam_unix(sshd:auth): check pass; user unknown
May 1 16:45:33  sshd[11898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88-158-153-74.asconet.ro
May 1 16:45:36  sshd[11898]: Failed password for invalid user inter from 88.158.153.74 port 54220 ssh2
 

Niciun comentariu: