Re: btmp show server being attacked

tony j. podrasky · ‎09-27-2018

I did a <last> and <lastb> on my system and found someone trying to hack into it. Here are a few entries:

zabbix ssh:notty 155.94.169.167 Tue Sep 25 17:14 - 17:14 (00:00)

www-data ssh:notty 155.94.169.167 Tue Sep 25 17:13 - 17:13 (00:00)

vmail ssh:notty 155.94.169.167 Tue Sep 25 17:08 - 17:08 (00:00)

Does anyone know what port they are using to try to get into my system?

Does anyone know what to edit to keep they from connecting/getting any kind of session?

REMEMBER: Once you eliminate your #1 problem, #2 gets a promotion.

avd437 · ‎10-01-2018

What is os version ?

You can do os hardening, use CIS starndards

https://www.cisecurity.org/cis-benchmarks/

I work for HPE.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

tony j. podrasky · ‎10-01-2018

Running Fedora 16.

Thanks for the URL. I'll check into it.

regards,

tony

REMEMBER: Once you eliminate your #1 problem, #2 gets a promotion.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: btmp show server being attacked

btmp show server being attacked

Re: btmp show server being attacked

Re: btmp show server being attacked