[CLUE-Tech] more hack attempts

Charles Oriez coriez at oriez.org
Sun Aug 8 07:27:33 MDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Happened yesterday on both Sierra Club machines.  Same two originating 
IPA's. Same set of standard accounts.  Sierra Club has a lawyer who is a 
frontier customer, so we may get a little further in identifying the culprit.


X-Original-To: coriez at nilenet.com
Delivered-To: coriez at nilenet.com
Received: from geb.den.nilenet.net (geb.den.nilenet.net [207.174.251.25])
         by mail.nilenet.com (Postfix) with ESMTP id 323CA6357
         for <coriez at nilenet.com>; Sun,  8 Aug 2004 04:01:22 -0600 (MDT)
Received: from localhost (localhost [127.0.0.1])
         by geb.den.nilenet.net (Postfix) with ESMTP id CB18C11505
         for <coriez at nilenet.com>; Sun,  8 Aug 2004 04:01:21 -0600 (MDT)
Received: from geb.den.nilenet.net ([127.0.0.1])
  by localhost (geb.den.nilenet.net [127.0.0.1]) (amavisd-new, port 10024)
  with ESMTP id 02855-08 for <coriez at nilenet.com>;
  Sun,  8 Aug 2004 04:01:16 -0600 (MDT)
Received: from rmc.sierraclub.org (rmc.sierraclub.org [207.174.21.6])
         by geb.den.nilenet.net (Postfix) with ESMTP id 3DF4A11538
         for <coriez at oriez.org>; Sun,  8 Aug 2004 04:01:16 -0600 (MDT)
Received: from athena.sierraclub.org (localhost.localdomain [127.0.0.1])
         by rmc.sierraclub.org (8.12.8/8.12.8) with ESMTP id i78A2648023388
         for <oriez at athena.sierraclub.org>; Sun, 8 Aug 2004 04:02:06 -0600
Received: (from root at localhost)
         by athena.sierraclub.org (8.12.8/8.12.8/Submit) id i78A26Ai023385
         for oriez; Sun, 8 Aug 2004 04:02:06 -0600
Date: Sun, 8 Aug 2004 04:02:06 -0600
From: root <root at rmc.sierraclub.org>
Message-Id: <200408081002.i78A26Ai023385 at athena.sierraclub.org>
To: oriez at athena.sierraclub.org
Subject: LogWatch for athena
X-Virus-Scanned: by amavisd-new at nilenet.com
X-UIDL: KMR"!J;`"!j>W!!b&I"!



  ################### LogWatch 4.3.1 (01/13/03) ####################
        Processing Initiated: Sun Aug  8 04:02:04 2004
        Date Range Processed: yesterday
      Detail Level of Output: 0
           Logfiles for Host: athena
  ################################################################

  --------------------- pam_unix Begin ------------------------

sshd:
    Authentication Failures:
       root (207-173-233-60.nas2.elk.ca.frontiernet.net ): 18 Time(s)
       daemon (207-173-233-60.nas2.elk.ca.frontiernet.net ): 2 Time(s)
       operator (207-173-233-60.nas2.elk.ca.frontiernet.net ): 2 Time(s)
       adm (207-173-233-60.nas2.elk.ca.frontiernet.net ): 8 Time(s)
       bin (207-173-233-60.nas2.elk.ca.frontiernet.net ): 2 Time(s)
       root (216.20.1.189 ): 3 Time(s)
       games (207-173-233-60.nas2.elk.ca.frontiernet.net ): 4 Time(s)

login:
    Invalid Users:
       Bad User: : 1 Time(s)



- --
coriez at oriez.org 39  34' 34.4"N / 105 00' 06.3"W
Lazlo's Chinese Relativity Axiom: "No matter how great your triumphs or how 
tragic your defeats, approximately one billion Chinese couldn't care less." 
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: created 6/26/04 expire 6/25/05 stored MIT & PGP.COM

iQA/AwUBQRYqRbiLNnC0cMkdEQL5MQCfYRHc+Y1klq5o3bNzS/3YHFJT42IAnjQe
kYpXOfLb5MD6rfPVnPqFRVGZ
=KK8/
-----END PGP SIGNATURE-----

More information about the clue-tech mailing list