Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 13 Aug 2004 16:05:34 +0200
From:      Sandor Berta <berta@beco.hu>
To:        freebsd-security@freebsd.org
Subject:   sequences in the auth.log
Message-ID:  <411CCAAE.7020505@beco.hu>
next in thread | raw e-mail | index | archive | help 
Hi all,
I found similar sequences in the
/var/auth.log files of freebsd boxes, I supervise.:
Aug 13 13:56:08 www sshd[26091]: Illegal user test from 165.21.103.20
Aug 13 13:56:11 www sshd[26093]: Illegal user guest from 165.21.103.20
Aug 13 13:56:15 www sshd[26096]: Illegal user admin from 165.21.103.20
Aug 13 13:56:18 www sshd[26103]: Illegal user admin from 165.21.103.20
Aug 13 13:56:21 www sshd[26105]: Illegal user user from 165.21.103.20
Aug 13 13:56:25 www sshd[26107]: Failed password for root from 
165.21.103.20 port 39678 ssh2
Aug 13 13:56:28 www sshd[26109]: Failed password for root from 
165.21.103.20 port 39760 ssh2
Aug 13 13:56:32 www sshd[26111]: Failed password for root from 
165.21.103.20 port 39836 ssh2
Aug 13 13:56:35 www sshd[26113]: Illegal user test from 165.21.103.20
Aug 13 14:25:36 www sshd[26485]: Illegal user test from 202.28.120.57
Aug 13 14:25:41 www sshd[26487]: Illegal user guest from 202.28.120.57

What are these?

bye
Sandor Berta

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?411CCAAE.7020505>