[Charlug] Server break-in attempt through NAGIOS user
David Simmons
dave at dgnal.net
Thu Sep 6 17:15:46 EDT 2007
Guys/Gals,
=
Just was able to catch a 'break in attempt' on one
of my webservers
=
It was from the RIPE network in
Amserdam....IP address was 86.126.41.177
=
they were logging in through the NAGIOS user and (trying to run)
two programs (files from):
=
brute.tgz
fast.tgz
=
Just a word of caution to double-check those servers....
=
dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://charlug.org/pipermail/charlug/attachments/20070906/278f1f09/att=
achment.htm
More information about the CharLUG
mailing list