[aklug] Re: And in the logs...

From: Kevin Miller <atftb2@alaska.net>
Date: Wed Jan 05 2011 - 22:25:23 AKST

On 01/05/2011 10:16 PM, Christopher Howard wrote:
> So, ever since I set up my own little public server, and set it out by
> its lonely self on the vast Internet, it has been fascinating to read
> through the logs each day and see all the attacks, mostly from
> mysterious Chinese urls. The two most popular attacks:
>
> 1. The attacker attempts to log in with every imaginable ssh username,
> often trying two or three hundred different names in a row.
>
> 2. The attacker attempts to use the e-mail server as an open-relay,
> trying multiple times using different From addresses.
>
> You pros out there: any interesting stuff pop up your logs lately?

I was always amused by the ones that were trying to exploit something in
c:\windows\system32. Try as I might I can't seem to find that directory
on my system!

I should have taken a screen shot, but some time back I got one of the
fake malware warnings pop up. It looked exactly like an XP dialog box.
Kind of out of place on a KDE desktop. Apparently I had a couple dozen
infections in that same ol' c: drive that I can't find. :-)

...Kevin

-- 
Kevin Miller - http://www.alaska.net/~atftb
Juneau, Alaska
In a recent survey, 7 out of 10 hard drives preferred Linux
Registered Linux User No: 307357, http://counter.li.org
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Jan 5 22:25:31 2011

This archive was generated by hypermail 2.1.8 : Wed Jan 05 2011 - 22:25:31 AKST