Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Cable Only Being Used For Downstream Traffic (Score 5, Informative) 132 132

The most interesting thing which the summary skipped over is from the Renesys article which states that apparently Cuba is only using the new fibre cable for downstream traffic and that upstream traffic is still going out via their satellite links.

Comment: Noticed It (Score 1) 203 203

I noticed this last night when lwatch just start spewing out failed authentication attempts. One point that I don't really see mentioned is that they will try a wide variety of different usernames. A snippet from auth.log:

Apr 12 23:16:27 host sshd[523]: Address 202.42.66.11 maps to changi.aglow.com.sg, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 12 23:16:27 host sshd[523]: Invalid user warpuser from 202.42.66.11
Apr 12 23:16:27 host sshd[523]: pam_unix(sshd:auth): check pass; user unknown
Apr 12 23:16:27 host sshd[523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.42.66.11
Apr 12 23:16:29 host sshd[523]: Failed password for invalid user warpuser from 202.42.66.11 port 58502 ssh2
Apr 12 23:16:32 host sshd[525]: Address 202.42.66.11 maps to changi.aglow.com.sg, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 12 23:16:32 host sshd[525]: Invalid user fwadmin from 202.42.66.11
Apr 12 23:16:32 host sshd[525]: pam_unix(sshd:auth): check pass; user unknown
Apr 12 23:16:32 host sshd[525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.42.66.11
Apr 12 23:16:35 host sshd[525]: Failed password for invalid user fwadmin from 202.42.66.11 port 58869 ssh2
Apr 12 23:16:38 host sshd[535]: Address 202.42.66.11 maps to changi.aglow.com.sg, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr 12 23:16:38 host sshd[535]: Invalid user mailadm from 202.42.66.11
Apr 12 23:16:38 host sshd[535]: pam_unix(sshd:auth): check pass; user unknown
Apr 12 23:16:38 host sshd[535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.42.66.11
Apr 12 23:16:40 host sshd[535]: Failed password for invalid user mailadm from 202.42.66.11 port 59272 ssh2

An easy method to out-smart them that has been mentioned before is to simply change the SSH port.

There's a whole WORLD in a mud puddle! -- Doug Clifford

Working...