----- Original Message ----- From: "Alexander Dalloz" <alexander.dalloz@xxxxxxxxxxxxxxxx>
To: "For users of Fedora Core releases" <fedora-list@xxxxxxxxxx>
Sent: Thursday, 14 October, 2004 19:28
Subject: Re: More SSH 'trolling'
Again an old hacked Redhat box :( If you do a port scan on the above given IP address you will quickly find both the reason why it is being hacked (old, unpatched services) and the indicator that it is a hacked box:
101/tcp open ssh SSH 1.2.32 (protocol 1.5)
Seen that for so many hosts now which are involved in the SSH login attempts.
Folks, if anyone of you are still running an old Redhat release which is not managed any more regarding security updates and you don't update your own from sources, please take those hosts from the net immediately!
Alexander
Alexander has done some investigation :) good work !
I dont know if it has been come to anyones attention but I have these 'hack-attempts' only since I've subscribed to this list !!!
Before that, nobody bothered me other then looking for a open relay system.
Maybe anyone knows someone who is not subscribed to this list and has these attempts as well ??
It might well be possible that someone is trying to hack us only .
Just my thoughts,
Edwin
