Am Do, den 14.10.2004 schrieb Edwin Dicker um 20:42: > I dont know if it has been come to anyones attention but I have these > 'hack-attempts' only since I've subscribed to this list !!! There should be no connection between being tried at sshd and the list subscription. The script kids' scripts are scanning whole nets. A couple of weeks ago I had "the chance" to see such a script. From hacked systems these scripts run and scan larger nets and mail the results of possible victims automatically to their master. > Before that, nobody bothered me other then looking for a open relay system. > Maybe anyone knows someone who is not subscribed to this list and has these > attempts as well ?? Me. I am root on 2 systems where there is no connection to this list and they are too probed on ssh. > It might well be possible that someone is trying to hack us only . At least obvious from my observations is, that mainly old Redhat systems are already owned and used for further attacks. Seems the hackers have specific OpenSSH / OpenSSL versions as their target - and unfortunately there are enough weak because not updated systems connected to the net. > Edwin Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp Serendipity 20:47:43 up 15:59, 16 users, 0.26, 0.34, 0.41
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
