Help... is someone trying to get in?


X3noN
12-11-2004, 18:11
Hi everyone,

today while looking at auth.log I noticed a huge number of failed ssh login attempts from users that don't exist... is someone trying to get in?

I'm honestly getting worried because this started 5 days ago and it's still going on...

here's a piece of the log...

HELP!!!


Nov 7 20:09:17 master sshd[14684]: Invalid user admin from ::ffff:81.176.184.20
Nov 7 20:09:17 master sshd[14684]: error: Could not get shadow information for NOUSER
Nov 7 20:09:17 master sshd[14684]: Failed password for invalid user admin from ::ffff:81.176.184.20 port 49515 ssh2
Nov 7 20:09:18 master sshd[14686]: Invalid user user from ::ffff:81.176.184.20
Nov 7 20:09:18 master sshd[14686]: error: Could not get shadow information for NOUSER
Nov 7 20:09:18 master sshd[14686]: Failed password for invalid user user from ::ffff:81.176.184.20 port 49554 ssh2
Nov 7 20:09:19 master sshd[14688]: Failed password for root from ::ffff:81.176.184.20 port 49600 ssh2
Nov 7 20:09:20 master sshd[14690]: Failed password for root from ::ffff:81.176.184.20 port 49634 ssh2
Nov 7 20:09:21 master sshd[14692]: Failed password for root from ::ffff:81.176.184.20 port 49677 ssh2
Nov 7 20:09:22 master sshd[14694]: Invalid user test from ::ffff:81.176.184.20
Nov 7 20:09:22 master sshd[14694]: error: Could not get shadow information for NOUSER
Nov 7 20:09:22 master sshd[14694]: Failed password for invalid user test from ::ffff:81.176.184.20 port 49717 ssh2
Nov 7 20:09:26 master sshd[14696]: Invalid user test from ::ffff:81.176.184.20
Nov 7 20:09:26 master sshd[14696]: error: Could not get shadow information for NOUSER
Nov 7 20:09:26 master sshd[14696]: Failed password for invalid user test from ::ffff:81.176.184.20 port 49773 ssh2
Nov 7 20:09:27 master sshd[14698]: Invalid user test from ::ffff:81.176.184.20
Nov 7 20:09:27 master sshd[14698]: error: Could not get shadow information for NOUSER
Nov 7 20:09:27 master sshd[14698]: Failed password for invalid user test from ::ffff:81.176.184.20 port 49926 ssh2
Nov 7 20:09:28 master sshd[14700]: Invalid user test from ::ffff:81.176.184.20
Nov 7 20:09:28 master sshd[14700]: error: Could not get shadow information for NOUSER
Nov 7 20:09:28 master sshd[14700]: Failed password for invalid user test from ::ffff:81.176.184.20 port 49978 ssh2
Nov 7 20:09:29 master sshd[14702]: Failed password for root from ::ffff:81.176.184.20 port 50018 ssh2
Nov 7 20:09:30 master sshd[14704]: Failed password for root from ::ffff:81.176.184.20 port 50070 ssh2
Nov 7 20:09:31 master sshd[14706]: Failed password for root from ::ffff:81.176.184.20 port 50105 ssh2
Nov 7 20:09:41 master sshd[14708]: Failed password for root from ::ffff:81.176.184.20 port 50139 ssh2
Nov 7 21:25:13 master sshd[14723]: Invalid user test from ::ffff:81.176.184.20
Nov 7 21:25:13 master sshd[14723]: error: Could not get shadow information for NOUSER
Nov 7 21:25:13 master sshd[14723]: Failed password for invalid user test from ::ffff:81.176.184.20 port 34701 ssh2
Nov 7 21:25:14 master sshd[14725]: Invalid user guest from ::ffff:81.176.184.20
Nov 7 21:25:14 master sshd[14725]: error: Could not get shadow information for NOUSER
Nov 7 21:25:14 master sshd[14725]: Failed password for invalid user guest from ::ffff:81.176.184.20 port 34744 ssh2
Nov 7 21:25:15 master sshd[14727]: Invalid user admin from ::ffff:81.176.184.20
Nov 7 21:25:15 master sshd[14727]: error: Could not get shadow information for NOUSER
Nov 7 21:25:15 master sshd[14727]: Failed password for invalid user admin from ::ffff:81.176.184.20 port 34797 ssh2
Nov 7 21:25:16 master sshd[14729]: Invalid user admin from ::ffff:81.176.184.20
Nov 7 21:25:16 master sshd[14729]: error: Could not get shadow information for NOUSER
Nov 7 21:25:16 master sshd[14729]: Failed password for invalid user admin from ::ffff:81.176.184.20 port 34840 ssh2
Nov 7 21:25:18 master sshd[14731]: Invalid user user from ::ffff:81.176.184.20
Nov 7 21:25:18 master sshd[14731]: error: Could not get shadow information for NOUSER
Nov 7 21:25:18 master sshd[14731]: Failed password for invalid user user from ::ffff:81.176.184.20 port 34888 ssh2
Nov 7 21:25:19 master sshd[14733]: Failed password for root from ::ffff:81.176.184.20 port 34951 ssh2
Nov 7 21:25:20 master sshd[14735]: Failed password for root from ::ffff:81.176.184.20 port 34987 ssh2
Nov 7 21:25:21 master sshd[14737]: Failed password for root from ::ffff:81.176.184.20 port 35019 ssh2
Nov 7 21:25:22 master sshd[14739]: Invalid user test from ::ffff:81.176.184.20
Nov 7 21:25:22 master sshd[14739]: error: Could not get shadow information for NOUSER
Nov 7 21:25:22 master sshd[14739]: Failed password for invalid user test from ::ffff:81.176.184.20 port

HexDEF6
12-11-2004, 18:57
I've got tons of logs like that too....
I hope you've disabled root access over ssh and that the normal users' passwords are "secure"!

Bye!

X3noN
12-11-2004, 19:02
yes, I'm fairly relaxed about that... root can't connect remotely and the users have a password of at least 8 chars.... pretty standard I'd say...

let's hope for the best!

ilsensine
12-11-2004, 19:33
Definitely, they tried. And with some persistence, I'd say. Maybe with some script.

HexDEF6
12-11-2004, 19:54
Originally posted by ilsensine
Definitely, they tried. And with some persistence, I'd say. Maybe with some script.


I have about ten machines on the network with ssh access (usually either firewalls or various servers that I have to administer remotely) and I've found logs like this on all of them... I'd say they're scripts...
they usually try to log in as: root, user, guest, admin, test, nobody, patrick
also, if you try moving the ssh port the various "attacks" stop (so I presume that if they don't find 22 open they don't even try)...
I think I'll try setting up some nice port knocking so that 22 always looks closed!

Bye!
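
A per-source summary of failed-login lines in the format posted in this thread, added here as an example and not written by any of the posters. The sample lines and addresses are constructed, the year is an assumption (syslog timestamps carry none), and the thresholds in `suspects` are assumptions to tune.

```python
import re
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address

# Constructed sample lines in the sshd format shown in the thread's log;
# addresses come from the documentation ranges, not from the thread.
SAMPLE_LOG = """\
Nov 7 20:09:17 host1 sshd[101]: Invalid user admin from ::ffff:203.0.113.5
Nov 7 20:09:17 host1 sshd[101]: Failed password for invalid user admin from ::ffff:203.0.113.5 port 49515 ssh2
Nov 7 20:09:18 host1 sshd[102]: Failed password for invalid user test from ::ffff:203.0.113.5 port 49554 ssh2
Nov 7 20:09:19 host1 sshd[103]: Failed password for root from ::ffff:203.0.113.5 port 49600 ssh2
Nov 7 20:30:02 host1 sshd[110]: Failed password for alice from ::ffff:198.51.100.7 port 40022 ssh2
Nov 7 20:30:09 host1 sshd[111]: Accepted password for alice from ::ffff:198.51.100.7 port 40030 ssh2
Nov 7 21:25:13 host1 sshd[120]: Failed password for invalid user guest from ::ffff:203.0.113.5 port
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?P<invalid>invalid user )?(?P<user>\S+) from (?P<src>\S+) port")

def normalize(addr):
    """Collapse IPv4-mapped IPv6 (::ffff:a.b.c.d) to plain IPv4."""
    try:
        ip = ip_address(addr)
    except ValueError:
        return addr  # sshd may log a hostname instead of an address
    return str(getattr(ip, "ipv4_mapped", None) or ip)

def summarize(log_text, year=2004):
    """Per-source failed-login counts; syslog has no year, so one is assumed."""
    stats = defaultdict(lambda: {"failed": 0, "invalid": 0, "users": set(),
                                 "first": None, "last": None})
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # "Invalid user" and "Accepted" lines are not counted
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        s = stats[normalize(m["src"])]
        s["failed"] += 1
        s["invalid"] += bool(m["invalid"])
        s["users"].add(m["user"])
        s["first"] = min(s["first"] or ts, ts)
        s["last"] = max(s["last"] or ts, ts)
    return dict(stats)

def suspects(stats, min_failed=4, min_users=3):
    """Sources that look scripted: many failures spread over several names."""
    return sorted(src for src, s in stats.items()
                  if s["failed"] >= min_failed and len(s["users"]) >= min_users)
```

A single mistyped password from a real user stays below both thresholds, while a source cycling through names such as root, admin, test and guest is reported; a line cut off after "port" is still counted.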

HexDEF6
12-11-2004, 23:12
I tried this:
http://www.zeroflux.org/knock/

this way a port scan shows 22 as closed... but you just need to knock the right way and the port opens (only for the IP that knocks!)

I think I'll install it everywhere..... unless there are serious drawbacks (I had to change the firewall a little... but nothing drastic)...

Bye!

HexDEF6
12-11-2004, 23:21
Here's what they use to try to find ssh servers with "weak" passwords:

http://www.k-otik.com/exploits/08202004.brutessh2.c.php

Bye!