The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to die SSH access?

Discussion in 'General Discussion' started by flash7, Nov 18, 2004.

  1. flash7

    flash7 Well-Known Member

    Joined:
    Feb 16, 2004
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
    Every day my server...

    --------------------- pam_unix Begin ------------------------

    sshd:
    Invalid Users:
    Unknown Account: 43 Time(s)
    Authentication Failures:
    unknown (customer-reverse-entry.216.93.183.70 ): 43 Time(s)
    mysql (customer-reverse-entry.216.93.183.70 ): 1 Time(s)
    root (customer-reverse-entry.216.93.183.70 ): 59 Time(s)
    nobody (customer-reverse-entry.216.93.183.70 ): 1 Time(s)
    adm (customer-reverse-entry.216.93.183.70 ): 2 Time(s)
    operator (customer-reverse-entry.216.93.183.70 ): 1 Time(s)


    ---------------------- pam_unix End -------------------------


    --------------------- SSHD Begin ------------------------


    Failed logins from these:
    account/password from 216.93.183.70: 1 Time(s)
    adam/password from 216.93.183.70: 1 Time(s)
    adm/password from 216.93.183.70: 2 Time(s)
    alan/password from 216.93.183.70: 1 Time(s)
    apache/password from 216.93.183.70: 1 Time(s)
    backup/password from 216.93.183.70: 1 Time(s)
    cip51/password from 216.93.183.70: 1 Time(s)
    cip52/password from 216.93.183.70: 1 Time(s)
    cosmin/password from 216.93.183.70: 1 Time(s)
    cyrus/password from 216.93.183.70: 1 Time(s)
    data/password from 216.93.183.70: 1 Time(s)
    frank/password from 216.93.183.70: 1 Time(s)
    george/password from 216.93.183.70: 1 Time(s)
    henry/password from 216.93.183.70: 1 Time(s)
    horde/password from 216.93.183.70: 1 Time(s)
    iceuser/password from 216.93.183.70: 1 Time(s)
    irc/password from 216.93.183.70: 2 Time(s)
    jane/password from 216.93.183.70: 1 Time(s)
    john/password from 216.93.183.70: 1 Time(s)
    master/password from 216.93.183.70: 1 Time(s)
    matt/password from 216.93.183.70: 1 Time(s)
    mysql/password from 216.93.183.70: 1 Time(s)
    nobody/password from 216.93.183.70: 1 Time(s)
    noc/password from 216.93.183.70: 1 Time(s)
    operator/password from 216.93.183.70: 1 Time(s)
    oracle/password from 216.93.183.70: 1 Time(s)
    pamela/password from 216.93.183.70: 1 Time(s)
    patrick/password from 216.93.183.70: 2 Time(s)
    rolo/password from 216.93.183.70: 1 Time(s)
    root/password from 216.93.183.70: 59 Time(s)
    server/password from 216.93.183.70: 1 Time(s)
    sybase/password from 216.93.183.70: 1 Time(s)
    test/password from 216.93.183.70: 5 Time(s)
    user/password from 216.93.183.70: 3 Time(s)
    web/password from 216.93.183.70: 2 Time(s)
    webmaster/password from 216.93.183.70: 1 Time(s)
    www-data/password from 216.93.183.70: 1 Time(s)
    www/password from 216.93.183.70: 1 Time(s)
    wwwrun/password from 216.93.183.70: 1 Time(s)

    **Unmatched Entries**
    Illegal user patrick from 216.93.183.70
    Illegal user patrick from 216.93.183.70
    Illegal user rolo from 216.93.183.70
    Illegal user iceuser from 216.93.183.70
    Illegal user horde from 216.93.183.70
    Illegal user cyrus from 216.93.183.70
    Illegal user www from 216.93.183.70
    Illegal user wwwrun from 216.93.183.70
    Illegal user matt from 216.93.183.70
    Illegal user test from 216.93.183.70
    Illegal user test from 216.93.183.70
    Illegal user test from 216.93.183.70
    Illegal user test from 216.93.183.70
    Illegal user www-data from 216.93.183.70
    Illegal user apache from 216.93.183.70
    Illegal user irc from 216.93.183.70
    Illegal user irc from 216.93.183.70
    Illegal user jane from 216.93.183.70
    Illegal user pamela from 216.93.183.70
    Illegal user cosmin from 216.93.183.70
    Illegal user cip52 from 216.93.183.70
    Illegal user cip51 from 216.93.183.70
    Illegal user noc from 216.93.183.70
    Illegal user webmaster from 216.93.183.70
    Illegal user data from 216.93.183.70
    Illegal user user from 216.93.183.70
    Illegal user user from 216.93.183.70
    Illegal user user from 216.93.183.70
    Illegal user web from 216.93.183.70
    Illegal user web from 216.93.183.70
    Illegal user oracle from 216.93.183.70
    Illegal user sybase from 216.93.183.70
    Illegal user master from 216.93.183.70
    Illegal user account from 216.93.183.70
    Illegal user backup from 216.93.183.70
    Illegal user server from 216.93.183.70
    Illegal user adam from 216.93.183.70
    Illegal user alan from 216.93.183.70
    Illegal user frank from 216.93.183.70
    Illegal user george from 216.93.183.70
    Illegal user henry from 216.93.183.70
    Illegal user john from 216.93.183.70
    Illegal user test from 216.93.183.70

    ---------------------- SSHD End -------------------------
     
  2. linux-image

    linux-image Well-Known Member

    Joined:
    Jun 8, 2004
    Messages:
    1,192
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    Root Administrator
    change port of the ssh at the sshd.conf to something else.
     
  3. djmerlyn

    djmerlyn Well-Known Member

    Joined:
    Aug 31, 2004
    Messages:
    203
    Likes Received:
    1
    Trophy Points:
    16
    Why not follow these instructions BRUTE FORCE DETECTION and rest a little bit easier?

    Welcome to root administration~
     
  4. flash7

    flash7 Well-Known Member

    Joined:
    Feb 16, 2004
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
    Thanks!! :)
     
Loading...

Share This Page