Someone is attacking me via ssh from 4 hours ago.
I just post here to warning you.
Oct 4 22:31:07 localhost sshd[11172]: Failed password for root from 59.151.19.47 port 36029 ssh2 Oct 4 22:31:09 localhost sshd[11174]: Failed password for invalid user lydia from 219.254.35.83 por t 56406 ssh2 Oct 4 22:31:09 localhost sshd[11176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e uid=0 tty=ssh ruser= rhost=59.151.19.47 user=root Oct 4 22:31:11 localhost sshd[11178]: Invalid user magda from 219.254.35.83 Oct 4 22:31:11 localhost sshd[11178]: pam_unix(sshd:auth): check pass; user unknown Oct 4 22:31:11 localhost sshd[11178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e uid=0 tty=ssh ruser= rhost=219.254.35.83 Oct 4 22:31:12 localhost sshd[11176]: Failed password for root from 59.151.19.47 port 36142 ssh2 Oct 4 22:31:13 localhost sshd[11178]: Failed password for invalid user magda from 219.254.35.83 por t 56624 ssh2
Above are the logs.
If you keep attacking, you are liable for this.
59.151.19.47 From China
219.254.35.83 From Korea
To defend this DoS attack, related software has been set up 🙂
Good Job, Need-Being!
How do you get the log?
These logs are in /var/log/auth.log file.
You have to access this file by root.
You mean the Mac ?
Not on mac… On every UNIX/Linux OS. Windows has its own stuffs.