Chinese hacking attempt/Secure your Servers
Jan 24 02:28:30 Sputnik sshd[1566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.189.239.126 user=root Jan 24 02:28:32 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:35 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:37 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:39 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:41 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:43 Sputnik sshd[1566]: Failed password for root from 222.189.239.126 port 1616 ssh2 Jan 24 02:28:43 Sputnik sshd[1566]: Disconnecting: Too many authentication failures for root [preauth] Jan 24 02:28:43 Sputnik sshd[1566]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.189.239.126 user=root Jan 24 02:28:43 Sputnik sshd[1566]: PAM service(sshd) ignoring max retries; 6 > 3
3 comments
[ 4.7 ms ] story [ 16.2 ms ] threadI mean, even any new WiFi router you set up comes with WPA enabled by default. Wasn't always this way. I still remember setting up routers where the password protection was an afterthought.
But ssh isn't really that new is it? Should these security measures be default at least by now?