Izvini, ali mesanje Santy-ja sa ovom temom je bez ikakvog osnova. Obratiti paznju da je Santy koristio Google za potragu za phpBB sajtovima kako bi iskoristio PHP bug. Babe i zabe. Izvodjenje necega slicnog kako bi se pronasao ssh demon je nemoguce.
Debian distribucija koju preferiram i koristim, po default-u instalira i startuje sshd, sa ukljucenom opcijom
PermitRootLogin. Daleko od toga da Debian distribuciju smatram kljakavom (da upotrebim tvoj izraz).
Iako se slazem s tobom da je potrebno edukovati korisnike o sigurnosti svojih masina, necu i ne mogu se sloziti da treba preterivati u tome, kao sto ti predlazes. U velikoj vecini slucajeva dovoljno je ukazati novim korisnicima je da
pametno izaberu svoje lozinke. To je zasigurno dovoljno da se zastiti sistem od upada preko ssh demona.
Za kraj, evo izvoda iz auth loga na kucnom serveru:
Dec 22 01:01:30 home sshd[2468]: Illegal user eric from 66.45.234.180
Dec 22 01:01:30 home sshd[2468]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:30 home sshd[2468]: error: Could not get shadow information for NOUSER
Dec 22 01:01:30 home sshd[2468]: Failed password for illegal user eric from 66.45.234.180 port 48822 ssh2
Dec 22 01:01:31 home sshd[2470]: Illegal user joe from 66.45.234.180
Dec 22 01:01:31 home sshd[2470]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:31 home sshd[2470]: error: Could not get shadow information for NOUSER
Dec 22 01:01:31 home sshd[2470]: Failed password for illegal user joe from 66.45.234.180 port 48848 ssh2
Dec 22 01:01:32 home sshd[2472]: Illegal user tom from 66.45.234.180
Dec 22 01:01:32 home sshd[2472]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:32 home sshd[2472]: error: Could not get shadow information for NOUSER
Dec 22 01:01:32 home sshd[2472]: Failed password for illegal user tom from 66.45.234.180 port 48877 ssh2
Dec 22 01:01:33 home sshd[2474]: Illegal user billy from 66.45.234.180
Dec 22 01:01:33 home sshd[2474]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:33 home sshd[2474]: error: Could not get shadow information for NOUSER
Dec 22 01:01:33 home sshd[2474]: Failed password for illegal user billy from 66.45.234.180 port 48901 ssh2
Dec 22 01:01:34 home sshd[2477]: Illegal user buddy from 66.45.234.180
Dec 22 01:01:34 home sshd[2477]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:34 home sshd[2477]: error: Could not get shadow information for NOUSER
Dec 22 01:01:34 home sshd[2477]: Failed password for illegal user buddy from 66.45.234.180 port 48931 ssh2
Dec 22 01:01:35 home sshd[2479]: Illegal user jeremy from 66.45.234.180
Dec 22 01:01:35 home sshd[2479]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:35 home sshd[2479]: error: Could not get shadow information for NOUSER
Dec 22 01:01:35 home sshd[2479]: Failed password for illegal user jeremy from 66.45.234.180 port 48961 ssh2
Dec 22 01:01:36 home sshd[2481]: Illegal user vampire from 66.45.234.180
Dec 22 01:01:36 home sshd[2481]: reverse mapping checking getaddrinfo for dns1.ezserve.net failed - POSSIBLE BREAKIN ATTEMPT!
Dec 22 01:01:36 home sshd[2481]: error: Could not get shadow information for NOUSER
Dec 22 01:01:36 home sshd[2481]: Failed password for illegal user vampire from 66.45.234.180 port 48989 ssh2
Mislis da sam imalo uzbudjen zbog toga? Naaaah..
Alex: My favorite site is
http://localhost/
R.J. Oppenheimer: "I am become death, destroyer of worlds" (1945 AD)
tweet.13x ||
linkedin.13x