My hardware firewall-router-LANswitch died yesterday. Considering that it was about five or six years old and only cost me about $25 US, I'm not too unhappy about it. While waiting for a newer model from NewEgg, I've been running with a direct connection from my cable modem to my main box. Since then, I have noticed two or three popups saying
I've run a couple of "whois #.#.#.#" I've contacted the owners to whom the addresses traced back, two American ISPs and a German University. One of the ISPs, thanked me for my interest. The others said nothing.
A glance at /var/log/auth.log indicates that this was just the tip of the iceberg. Since 1800 UT yesterday, my computer has been probed several hundred times from at least 6 different IP addresses from as far away as Romania. The numbers are approximate because the file is 170 KB long! At least twice, the probes included trying to get in with username "root", (Don't EVER tell me that using sudo instead of a root login is too much trouble.), admin. apache, guest, sshd, and an alphabetical listing of first names, Another attack took place while I was typing this message.
I don't think that anyone got in, but imagine what might have happened had this been a windoze computer, or even a Linux computer with a distro that defaults to open ports.
Do they give out points for the number of denial-of-service attacks you participate in (like SETI@HOME)?
"Attention: Somebody is requesting a connection to your computer.
Granting this will allow the remote user to watch your desktop.
Remote system: ffff:#.#.#.#".
Granting this will allow the remote user to watch your desktop.
Remote system: ffff:#.#.#.#".
A glance at /var/log/auth.log indicates that this was just the tip of the iceberg. Since 1800 UT yesterday, my computer has been probed several hundred times from at least 6 different IP addresses from as far away as Romania. The numbers are approximate because the file is 170 KB long! At least twice, the probes included trying to get in with username "root", (Don't EVER tell me that using sudo instead of a root login is too much trouble.), admin. apache, guest, sshd, and an alphabetical listing of first names, Another attack took place while I was typing this message.
I don't think that anyone got in, but imagine what might have happened had this been a windoze computer, or even a Linux computer with a distro that defaults to open ports.
Do they give out points for the number of denial-of-service attacks you participate in (like SETI@HOME)?
Comment