boot force attack help

bibhor dhungel bibhor at gmail.com
Mon Jul 25 15:42:58 MDT 2005


hi Jeff,
thanks for the quick reply. The server is hosted by a company out in
the east and they emailed  us with complaints from other server on the
network that they are trying to access their servers.
they sent us sample offending messages:
ip=207.234.130.169
server has not yet been disabled
  king/password from ip.ip.ip.ip: 5 Time(s)
   kiss/password from ip.ip.ip.ip: 5 Time(s)
   kris/password from ip.ip.ip.ip: 5 Time(s)
   lawrence/password from ip.ip.ip.ip: 5 Time(s)
   lee/password from ip.ip.ip.ip: 5 Time(s)
   leonardo/password from ip.ip.ip.ip: 5 Time(s)
   library/password from ip.ip.ip.ip: 5 Time(s)
   lie/password from ip.ip.ip.ip: 5 Time(s)
   lost+found/password from ip.ip.ip.ip: 5 Time(s)
   love/password from ip.ip.ip.ip: 5 Time(s)
   lupdate/password from ip.ip.ip.ip: 5 Time(s)
   maccounts/password from ip.ip.ip.ip: 5 Time(s)
   mario/password from ip.ip.ip.ip: 5 Time(s)
   marvin/password from ip.ip.ip.ip: 5 Time(s)
   mary/password from ip.ip.ip.ip: 5 Time(s)

I have installed some programs but all through yum (using the default
repository and DAG).
I will probably have to do a reinstall.
thanks
bibhor



More information about the PLUG mailing list