Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Attack from a reserved address



Thanks for reading this. I'm getting attacked from a "reserved" IP address, 
and I'm looking for help to find out where it really is.

The log fragment below is from the auth.log on my Debian Sarge box. 
I think someone is doing a dictionary attack: these have been coming in 
from this address for a couple of days, but when I put the IP into 
samspade (http://www.samspade.org/), it comes up "Reserved by IANA". 

All suggestions welcome.

Bill
P.S. I've closed the port, but anyone who wants to test it, just drop 
me an email with your IP address.

Aug 30 18:16:28 billhorne sshd[14138]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:30 billhorne sshd[14143]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:32 billhorne sshd[14148]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:34 billhorne sshd[14151]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:36 billhorne sshd[14154]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:38 billhorne sshd[14156]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:40 billhorne sshd[14160]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:42 billhorne sshd[14162]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:44 billhorne sshd[14165]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:47 billhorne sshd[14168]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:49 billhorne sshd[14171]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:51 billhorne sshd[14174]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:53 billhorne sshd[14176]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:55 billhorne sshd[14180]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:57 billhorne sshd[14182]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:16:59 billhorne sshd[14185]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:17:02 billhorne sshd[14188]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:17:04 billhorne sshd[14193]: Illegal user webadmin from ::ffff:125.251.21.2
Aug 30 18:17:06 billhorne sshd[14197]: Illegal user webadmin from ::ffff:125.251.21.2

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org