another lot of sshd not being blocked
Posted: 28 Feb 2010, 17:42
started getting these warnings today & not blocked in csf/lfd
have ssh changed their log formats yet again or are the hackers trying a new method
Chhers
Derek
have ssh changed their log formats yet again or are the hackers trying a new method
Chhers
Derek
Code: Select all
Feb 28 16:01:02 knight sshd[23001]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root
Feb 28 16:01:02 knight sshd[23003]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root
Feb 28 16:04:35 knight sshd[23876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root
Feb 28 16:04:35 knight sshd[23875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root
Feb 28 16:04:39 knight sshd[23876]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root
Feb 28 16:04:39 knight sshd[23875]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.193.145.252 user=root