On Fri, Dec 30, 2011 at 8:05 AM, Fred <fcoffey at misernet.net> wrote:
On Fri, 30 Dec 2011, Johnny Billquist wrote:
I'm still looking for script kiddies trying to hack MIM. Once in a while I
do get people who try to login repeatedly as root, falken, and other known
Unix accounts. Poor kids... ;-)
I'm glad I'm not the only one!
I leave telnet open on one of my VMS hosts and love looking at the audit
logs. Most of the time folks just disconnect without even trying a
username. Other times it is "Administrator" and their ilk ... Once or twice
a month I'll read the logs and just laugh. You'd have to know me pretty
well to guess the password for the few accounts on the system, I change them
every 90, and of course intrusion detection is going to get you long before
you get close. :)
Fred
----
Lets call it for what it is - "legacy" is a term that people use in a
polite but derogatory manner to imply that the future direction they
prefer is not that which they view as the current direction.
Hello!
I quite agree. On my resident Linux (Intel) platform here, who also
hosts my website, I would when vacation time loomed set it to be
reachable via the Internet via SSH and then VNC. The listing of who
and what regarding the attempted break-ins on the SSH port is
hilarious. It would be the classic dictionary attack at work. That's
the exact same one tried out on a VAX running BSD 4,2 all the way back
in 1987 (or so), the cuckoo's egg case at work.
Come to think of it I would also from time to time check his error and
access logs for the web serving functions. It's downright laughable
the preposterous efforts people would try that would cause anything
except Apache on Linux to stumble.
Incidentally Johnny Billquist, have we ever worked out a reasonable
method of assigning a dynamic IP address to be reachable by the
efforts of the network? I know it works for websites.....
-----
Gregg C Levine gregg.drwho8 at
gmail.com
"This signature fought the Time Wars, time and again."