12-08-2004
being probed Fedora core 2
Lucky me...someone's trying to hack into my mythtv box through ssh. Can I make a policy or something similar to refuse connections from a specific IP after a certain amount of failed logins?
attached is some of the output from /var/log/messages
Quote:
Dec 5 08:12:38 localhost sshd[12129]: Did not receive identification string from ::ffff:221.162.104.14
Dec 5 08:22:09 localhost sshd[12130]: Failed password for nobody from ::ffff:221.162.104.14 port 4760 ssh2
Dec 5 08:22:12 localhost sshd[12132]: Illegal user patrick from ::ffff:221.162.104.14
Dec 5 08:22:14 localhost sshd[12132]: Failed password for illegal user patrick from ::ffff:221.162.104.14 port 4925 ssh2
Dec 5 08:22:16 localhost sshd[12134]: Illegal user patrick from ::ffff:221.162.104.14
Dec 5 08:22:19 localhost sshd[12134]: Failed password for illegal user patrick from ::ffff:221.162.104.14 port 1092 ssh2
Dec 5 08:22:24 localhost sshd[12136]: Failed password for root from ::ffff:221.162.104.14 port 1236 ssh2
Dec 5 08:22:28 localhost sshd[12138]: Failed password for root from ::ffff:221.162.104.14 port 1368 ssh2
Dec 5 08:22:33 localhost sshd[12140]: Failed password for root from ::ffff:221.162.104.14 port 1509 ssh2
Dec 5 08:22:38 localhost sshd[12142]: Failed password for root from ::ffff:221.162.104.14 port 1635 ssh2
Dec 5 08:22:43 localhost sshd[12144]: Failed password for root from ::ffff:221.162.104.14 port 1780 ssh2
Dec 5 08:22:45 localhost sshd[12146]: Illegal user rolo from ::ffff:221.162.104.14
Dec 5 08:22:48 localhost sshd[12146]: Failed password for illegal user rolo from ::ffff:221.162.104.14 port 1902 ssh2
Dec 5 08:22:50 localhost sshd[12148]: Illegal user iceuser from ::ffff:221.162.104.14
Dec 5 08:22:52 localhost sshd[12148]: Failed password for illegal user iceuser from ::ffff:221.162.104.14 port 2042 ssh2
Dec 5 08:22:55 localhost sshd[12150]: Illegal user horde from ::ffff:221.162.104.14
Dec 5 08:22:57 localhost sshd[12150]: Failed password for illegal user horde from ::ffff:221.162.104.14 port 2182 ssh2
Dec 5 08:22:59 localhost sshd[12152]: Illegal user cyrus from ::ffff:221.162.104.14
Dec 5 08:23:02 localhost sshd[12152]: Failed password for illegal user cyrus from ::ffff:221.162.104.14 port 2322 ssh2
Dec 5 08:23:04 localhost sshd[12154]: Illegal user www from ::ffff:221.162.104.14
Dec 5 08:23:06 localhost sshd[12154]: Failed password for illegal user www from ::ffff:221.162.104.14 port 2447 ssh2
Dec 5 08:23:09 localhost sshd[12156]: Illegal user wwwrun from ::ffff:221.162.104.14
10 More Discussions You Might Find Interesting
1. Linux
These are not my desktop (I am still using FC1), they are from Internet forum.
http://gator.dt.uh.edu/~yangm001/snapshot1.jpg
http://gator.dt.uh.edu/~yangm001/snapshot2.jpg (0 Replies)
Discussion started by: HOUSCOUS
0 Replies
2. Linux
I have done some research on the Fedora Project and trying to find clear cut answer on how to migrate from current OS - RH 8.0 Pro to Fedora Core 2. Can anybody help me with this and does Fedora Core 2 include OpenOffice and Ximian Evolution like with my RH 8.0 Pro. (3 Replies)
Discussion started by: Mark McWilliams
3 Replies
3. Linux
I've been using FC2, but my sound card doesn't work
I'm new with linux systems..
but there says that needs to recompile kernel
how can i do it with a kernel 2.6.5 i386 ?
by the way,. my sound card chipset is an ESS 1869F, with a compaq deskpro Smal Form Factor. but i have not found a... (4 Replies)
Discussion started by: Quake
4 Replies
4. Linux
Hiya all,
Hope you can help.
I keep getting the same Error message when I try to install. I have tried several different Diskettes. And I finally ordered CDs from "FASTDISCs". The install "disc Checks" passed fine on these.
The error:
"The package usbitils-0.11.6.1 cannot be opened. ... (8 Replies)
Discussion started by: marty 600
8 Replies
5. Linux
I'm pretty much new to this Linux stuff, I installed FC4 the other night to try it out.
I'm having a slight problem when launching Quake 3, it's giving me the error GLimp_Init() - could not load OpenGL subsystem
I've updated my video drivers to the latest version and went through fglrxconfig,... (3 Replies)
Discussion started by: Filth Pig
3 Replies
6. UNIX for Dummies Questions & Answers
Hello,
I am about to install Fedora on a partition on my hard drive. I got the CD from a magazine and it isnt a LiveCD so the magazine says "fedora core installer isn't a LiveCD, so it will merrily destroy your primary partition when you install on your machine", now I'm guessing the primary... (1 Reply)
Discussion started by: ArkNia
1 Replies
7. UNIX for Dummies Questions & Answers
Hello I'm trying to install fedora core 5 and I'm currently at this screen here:
http://fedora.redhat.com/docs/fedora-install-guide-en/fc5/figs/installingpackages.png
However, the bottom bar is completely gray and there's nothing telling me the "status" of the install. I also told it to format... (2 Replies)
Discussion started by: obeseogre
2 Replies
8. Linux
hi all
i am currently using fedora core 3 . i downloaded the iso image of fedora core 6 but after installing the fedora core 6 . while starting linux it gives a error saying init is been killed .
wht is happened?
thank u (3 Replies)
Discussion started by: nageshrk
3 Replies
9. Linux
hi i dont know much about linux but my boss gave me a job to backup all the mysql database and tables from fedora core4 running as web/database server. i can enter in fedora using remote desktop from my laptop but after that i am unable to do anything. if any one can help me in finding mysql and... (3 Replies)
Discussion started by: obstinate
3 Replies
10. SuSE
Hi. Not sure if this should go in the beginners section, so forgivness please if it's not correctly placed.
I just installed Linux Fedora Core 6 on my home computer (and am very very new to this) so I can learn more about it. However, I am looking for the FC6 equivalent to the System Device... (2 Replies)
Discussion started by: Carl1976
2 Replies
LEARN ABOUT OSF1
snmp_traprcv
snmp_traprcv(8) System Manager's Manual snmp_traprcv(8)
NAME
snmp_traprcv - A program that listens for SNMP trap messages and prints any it receives
SYNOPSIS
/usr/sbin/snmp_traprcv [-d] [-tcp] [-p port]
OPTIONS
Sends a hexadecimal dump of the received packet to stdout. Specifies that the TCP transport be used instead of the UDP transport. If a
connection cannot be established, the program silently receives the trap on the standard transport address (UDP 162). Specifies the port
number on the local host on which to listen to messages. The default is 162, the well-known SNMP trap port.
DESCRIPTION
The snmp_traprcv program listens on the SNMP Trap port specified in the /etc/services file. If no entry exists in the /etc/services file,
the program listens on port 162. If any SNMP trap messages arrive, snmp_traprcv prints them to stdout. The program runs until terminated
by typing Ctrl/c.
RESTRICTIONS
When using the default or well-known port, you must have root privileges in order to run this program. The program may not be able to bind
to the default or specified port if other software on the system is already bound to that port.
SEE ALSO
Commands: snmpd(8), snmp_request(8), snmp_trapsnd(8)
snmp_traprcv(8)