System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

btmp show server being attacked

 
SOLVED
Go to solution
tony j. podrasky
Valued Contributor

btmp show server being attacked

I did a <last> and <lastb> on my system and found someone trying to hack into it. Here are a few entries:

zabbix ssh:notty 155.94.169.167 Tue Sep 25 17:14 - 17:14 (00:00)

www-data ssh:notty 155.94.169.167 Tue Sep 25 17:13 - 17:13 (00:00)

vmail ssh:notty 155.94.169.167 Tue Sep 25 17:08 - 17:08 (00:00)

Does anyone know what port they are using to try to get into my system?

Does anyone know what to edit to keep they from connecting/getting any kind of session?

 

REMEMBER: Once you eliminate your #1 problem, #2 gets a promotion.
2 REPLIES 2
avd437
Occasional Advisor
Solution

Re: btmp show server being attacked

What is os version ?

You can do os hardening, use CIS starndards

https://www.cisecurity.org/cis-benchmarks/

 

tony j. podrasky
Valued Contributor

Re: btmp show server being attacked

Running Fedora 16.

Thanks for the URL. I'll check into it.

regards,

tony

 

REMEMBER: Once you eliminate your #1 problem, #2 gets a promotion.