Login or Register to Ask a Question and Join Our Community


Linux

being probed Fedora core 2

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux being probed Fedora core 2
# 1  
Old 12-08-2004
being probed Fedora core 2
Lucky me...someone's trying to hack into my mythtv box through ssh. Can I make a policy or something similar to refuse connections from a specific IP after a certain amount of failed logins?

attached is some of the output from /var/log/messages

Quote:
Dec 5 08:12:38 localhost sshd[12129]: Did not receive identification string from ::ffff:221.162.104.14
Dec 5 08:22:09 localhost sshd[12130]: Failed password for nobody from ::ffff:221.162.104.14 port 4760 ssh2
Dec 5 08:22:12 localhost sshd[12132]: Illegal user patrick from ::ffff:221.162.104.14
Dec 5 08:22:14 localhost sshd[12132]: Failed password for illegal user patrick from ::ffff:221.162.104.14 port 4925 ssh2
Dec 5 08:22:16 localhost sshd[12134]: Illegal user patrick from ::ffff:221.162.104.14
Dec 5 08:22:19 localhost sshd[12134]: Failed password for illegal user patrick from ::ffff:221.162.104.14 port 1092 ssh2
Dec 5 08:22:24 localhost sshd[12136]: Failed password for root from ::ffff:221.162.104.14 port 1236 ssh2
Dec 5 08:22:28 localhost sshd[12138]: Failed password for root from ::ffff:221.162.104.14 port 1368 ssh2
Dec 5 08:22:33 localhost sshd[12140]: Failed password for root from ::ffff:221.162.104.14 port 1509 ssh2
Dec 5 08:22:38 localhost sshd[12142]: Failed password for root from ::ffff:221.162.104.14 port 1635 ssh2
Dec 5 08:22:43 localhost sshd[12144]: Failed password for root from ::ffff:221.162.104.14 port 1780 ssh2
Dec 5 08:22:45 localhost sshd[12146]: Illegal user rolo from ::ffff:221.162.104.14
Dec 5 08:22:48 localhost sshd[12146]: Failed password for illegal user rolo from ::ffff:221.162.104.14 port 1902 ssh2
Dec 5 08:22:50 localhost sshd[12148]: Illegal user iceuser from ::ffff:221.162.104.14
Dec 5 08:22:52 localhost sshd[12148]: Failed password for illegal user iceuser from ::ffff:221.162.104.14 port 2042 ssh2
Dec 5 08:22:55 localhost sshd[12150]: Illegal user horde from ::ffff:221.162.104.14
Dec 5 08:22:57 localhost sshd[12150]: Failed password for illegal user horde from ::ffff:221.162.104.14 port 2182 ssh2
Dec 5 08:22:59 localhost sshd[12152]: Illegal user cyrus from ::ffff:221.162.104.14
Dec 5 08:23:02 localhost sshd[12152]: Failed password for illegal user cyrus from ::ffff:221.162.104.14 port 2322 ssh2
Dec 5 08:23:04 localhost sshd[12154]: Illegal user www from ::ffff:221.162.104.14
Dec 5 08:23:06 localhost sshd[12154]: Failed password for illegal user www from ::ffff:221.162.104.14 port 2447 ssh2
Dec 5 08:23:09 localhost sshd[12156]: Illegal user wwwrun from ::ffff:221.162.104.14
# 2  
Old 12-09-2004
not sure but:
I've been reading about Linux security lately, and I believe you might be able to use the standard Linux firewall (ipchanes? / iptables?) to allow acces to certain ports from certain IP adresses and deny all others. If your woried, deny all for now and allow some other things once your familiar with the material.
I'm sorry, I'm not able to help you more...
# 3  
Old 12-09-2004
Even though it's not a fix in the short term, you might also want to report this clown (dates/times/IP address/log output) to
ip@ns.kornet.net

It would appear that the IP is assigned by KORNET (Korea).

EDIT: If you want to quickly get iptables/ipchains up and running (and are using KDE - might have to install it from RPM using Fedora as Gnome is standard - should be on distro media, if not yum for it) try GuardDog.

Hope you put a stop to it quickly - there are some mindless individuals out there. Good luck Smilie

Cheers
ZB
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. SuSE

Navigation of Fedora Core 6

Hi. Not sure if this should go in the beginners section, so forgivness please if it's not correctly placed. I just installed Linux Fedora Core 6 on my home computer (and am very very new to this) so I can learn more about it. However, I am looking for the FC6 equivalent to the System Device... (2 Replies)
Discussion started by: Carl1976
2 Replies

2. Linux

mysql in fedora core 4

hi i dont know much about linux but my boss gave me a job to backup all the mysql database and tables from fedora core4 running as web/database server. i can enter in fedora using remote desktop from my laptop but after that i am unable to do anything. if any one can help me in finding mysql and... (3 Replies)
Discussion started by: obstinate
3 Replies

3. Linux

fedora core 6 problem

hi all i am currently using fedora core 3 . i downloaded the iso image of fedora core 6 but after installing the fedora core 6 . while starting linux it gives a error saying init is been killed . wht is happened? thank u (3 Replies)
Discussion started by: nageshrk
3 Replies

4. UNIX for Dummies Questions & Answers

help installing fedora core 5

Hello I'm trying to install fedora core 5 and I'm currently at this screen here: http://fedora.redhat.com/docs/fedora-install-guide-en/fc5/figs/installingpackages.png However, the bottom bar is completely gray and there's nothing telling me the "status" of the install. I also told it to format... (2 Replies)
Discussion started by: obeseogre
2 Replies

5. UNIX for Dummies Questions & Answers

Installing Fedora Core 4

Hello, I am about to install Fedora on a partition on my hard drive. I got the CD from a magazine and it isnt a LiveCD so the magazine says "fedora core installer isn't a LiveCD, so it will merrily destroy your primary partition when you install on your machine", now I'm guessing the primary... (1 Reply)
Discussion started by: ArkNia
1 Replies

6. Linux

Help with OpenGL in Fedora Core 4.

I'm pretty much new to this Linux stuff, I installed FC4 the other night to try it out. I'm having a slight problem when launching Quake 3, it's giving me the error GLimp_Init() - could not load OpenGL subsystem I've updated my video drivers to the latest version and went through fglrxconfig,... (3 Replies)
Discussion started by: Filth Pig
3 Replies

7. Linux

Trying to install Fedora Core 3...

Hiya all, Hope you can help. I keep getting the same Error message when I try to install. I have tried several different Diskettes. And I finally ordered CDs from "FASTDISCs". The install "disc Checks" passed fine on these. The error: "The package usbitils-0.11.6.1 cannot be opened. ... (8 Replies)
Discussion started by: marty 600
8 Replies

8. Linux

Using Fedora Core 2

I've been using FC2, but my sound card doesn't work I'm new with linux systems.. but there says that needs to recompile kernel how can i do it with a kernel 2.6.5 i386 ? by the way,. my sound card chipset is an ESS 1869F, with a compaq deskpro Smal Form Factor. but i have not found a... (4 Replies)
Discussion started by: Quake
4 Replies

9. Linux

Migrate from RH 8.0 to Fedora Core 2

I have done some research on the Fedora Project and trying to find clear cut answer on how to migrate from current OS - RH 8.0 Pro to Fedora Core 2. Can anybody help me with this and does Fedora Core 2 include OpenOffice and Ximian Evolution like with my RH 8.0 Pro. (3 Replies)
Discussion started by: Mark McWilliams
3 Replies

10. Linux

Fedora Core 2 Snapshot

These are not my desktop (I am still using FC1), they are from Internet forum. http://gator.dt.uh.edu/~yangm001/snapshot1.jpg http://gator.dt.uh.edu/~yangm001/snapshot2.jpg (0 Replies)
Discussion started by: HOUSCOUS
0 Replies
Login or Register to Ask a Question