So, I like to occasionally keep watch on my FTP log for my own amusement. Yesterday, I saw this pattern:
Jul 18 05:45:27 lab pure-ftpd: (?@212.200.11.54) [INFO] New connection from 212.200.11.54
Jul 18 05:45:27 lab pure-ftpd: (?@212.200.11.54) [WARNING] Authentication failed for user [administrateur]
Jul 18 05:45:33 lab pure-ftpd: (?@212.200.11.54) [WARNING] Authentication failed for user [administrateur]
...
...which continues in the same fashion until Jul 19 12:30:03, for a total of 10455 attempted logins. Now the question is: Why would anyone spend a whole day trying to bruteforce a non-standard account, and French to boot, which very likely doesn't even exist on most machines? God damn it, this is hilarious.
Name:
Anonymous2009-07-26 3:42
Just look at the logs of any other service you might running like SSH and HTTP. It's not exactly uncommon. People are bombarding your tubes all the time.
Before I got sick of the log spam and installed fail2ban I was getting at least ten thousand ssh login attempts a day, about 70% of them for user root.
Name:
Anonymous2009-07-26 4:02
>>3
Which I always find rather amusing, seeing how most guides for setting up sshd suggest setting AllowRootLogin to false. But I guess botnets will not care whether they are wasting their time or not.
Name:
Anonymous2009-07-26 7:31
>>1
Why do you post this on /prog/. Why?! What have we done to you? *sob*
I suppose the knowledge could be useful for other sites as well. Plus, when /prog/ went down, I felt sad. The kind of sadness that one would get when you lose a pet.
>>21
Take your humorless man-hating feministing elsewhere. Also, go eat a dick. A few quarts of semen in your belly will help you respect men/Republicans better.
Name:
Anonymous2009-07-28 12:11
Un seul mot, le haxxage forcé de l'anus, fin du fil.