Wednesday, February 21, 2007

Someone tried to hack my Linux server yesterday

While I was browsing ubuntuguide.org today, I found a post on how to check your sudo logs. Natural curiosity got the best of me and I opened up the file in /var/log/auth.log to see what it looked like.

It was fairly mundane information, mainly showing my ssh logins from work, until I got about 50 lines down where the log started to get really interesting.

Feb 20 05:17:16 James-Linux sshd[23003]: Invalid user seby from 200.21.18.136
Feb 20 05:17:16 James-Linux sshd[23003]: (pam_unix) check pass; user unknown
Feb 20 05:17:16 James-Linux sshd[23003]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.21.18.136
Feb 20 05:17:17 James-Linux sshd[23003]: Failed password for invalid user seby from 200.21.18.136 port 59712 ssh2
Feb 20 05:17:19 James-Linux sshd[23005]: Invalid user sebastian from 200.21.18.136
Feb 20 05:17:19 James-Linux sshd[23005]: (pam_unix) check pass; user unknown
Feb 20 05:17:19 James-Linux sshd[23005]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.21.18.136



Apparently some guy from 200.21.18.136 (which turns out to be from Colombia) tried to crack the password on hundreds of fake accounts on my box. The first two hundred or so lines were attempts to crack the password on root, which thankfully all failed.

I feel pretty proud to finally have a hack attempt against one of my systems. He never got in, but this attempt brought security into perspective for me. I usually go about my computer life with no regard to people wanting to get my insignificant information and resources, but as of now I will start treating my computers just like a real system administrator (BIOS passwords, encryption of valuable files, etc). Better safe than sorry.
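The check described above, as an added example that is not from the original post: it tallies sshd password failures per source address from log text in the format quoted earlier and reports whether a source that guessed at several accounts ever logged in. The sample log is constructed (documentation IP addresses), and the function names and thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the sshd/auth.log format quoted in the post.
# 198.51.100.7 and 192.0.2.10 are documentation addresses, not real hosts.
SAMPLE_LOG = """\
Feb 20 05:17:16 James-Linux sshd[23003]: Invalid user seby from 198.51.100.7
Feb 20 05:17:16 James-Linux sshd[23003]: (pam_unix) check pass; user unknown
Feb 20 05:17:17 James-Linux sshd[23003]: Failed password for invalid user seby from 198.51.100.7 port 59712 ssh2
Feb 20 05:17:19 James-Linux sshd[23005]: Invalid user sebastian from 198.51.100.7
Feb 20 05:17:20 James-Linux sshd[23005]: Failed password for invalid user sebastian from 198.51.100.7 port 59720 ssh2
Feb 20 05:17:23 James-Linux sshd[23007]: Failed password for root from 198.51.100.7 port 59731 ssh2
Feb 20 09:02:41 James-Linux sshd[23110]: Failed password for james from 192.0.2.10 port 40022 ssh2
Feb 20 09:02:47 James-Linux sshd[23110]: Accepted password for james from 192.0.2.10 port 40022 ssh2
"""

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted \S+ for (\S+) from (\S+) port \d+")


def summarize(log_text):
    """Return {source_ip: stats} built from sshd password failures and successes."""
    stats = defaultdict(lambda: {"failed": 0, "invalid": 0, "users": set(), "accepted": []})
    for line in log_text.splitlines():
        if m := FAILED.search(line):
            entry = stats[m.group(3)]
            entry["failed"] += 1
            entry["invalid"] += 1 if m.group(1) else 0  # account does not exist
            entry["users"].add(m.group(2))
        elif m := ACCEPTED.search(line):
            stats[m.group(2)]["accepted"].append(m.group(1))
    return dict(stats)


def classify(entry, min_failed=3, min_users=3):
    """Label one source: guessing across many accounts, and whether it ever got in."""
    guessing = entry["failed"] >= min_failed and len(entry["users"]) >= min_users
    if guessing and entry["accepted"]:
        return "guessing, then LOGIN ACCEPTED - investigate"
    if guessing:
        return "password guessing, no successful login"
    return "normal"


if __name__ == "__main__":
    for ip, entry in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{ip:15} failed={entry['failed']} invalid={entry['invalid']} "
              f"users={sorted(entry['users'])} -> {classify(entry)}")
```

On a real system the input would be the contents of /var/log/auth.log passed to summarize().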

Friday, February 02, 2007

After nearly two years, I post once again

A lot has changed since I started this blog nearly two years ago.

Google took over Blogger and has since transferred over the Blogger accounts to Google accounts. This is a great thing since I tried to create a blog today and found that my name was taken.

It turned out that I had taken my own name long long ago when Blogger was still a fledgling. Google provided a simple process to switch over blogs to the Google accounts, so it was pretty painless.

I also took the liberty of creating a worthwhile blog called "A How To For Me". I created the blog simply to help myself learn, and if anyone else reads it then I will be very surprised.

I think it will be a great little project. Knowledge is a wonderful thing.