-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please excuse my belated summary. I had experienced ssh-login attacks on a
Tru64 machine I am managing. Thanks to Jean-Pierre Denis for pointing out
the attacker, brutessh2. You can find the source code here:
http://www.k-otik.com/exploits/08202004.brutessh2.c.php
After 100 unsuccessful ssh-login attempts as root, the C2 intrusion detection
system locked the root account.
At present, I need to allow ssh login to the machine, but I have disabled ssh
login from root to improve security somewhat.
Hans
- --
Dr. Hans Ekkehard Plesser
Associate Professor
Department of Mathematical Sciences and Technology
Agricultural University of Norway
Phone +47 6494 8832
Fax +47 6494 8810
Home
http://arken.nlh.no/~imfhep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see
http://www.gnupg.org
iD8DBQFBQBlEbuXhp9E3LTsRAjA9AJ0e0r1RaIMQ1DqSPto+IeEy8XZMmACgqvOb
FOUSv0XBdcY+4jZ6wydUcUE=
=8Ksn
-----END PGP SIGNATURE-----
Received on Thu Sep 09 2004 - 08:52:43 NZST