The user names are random (including root and admin) indicating that
it's someone trying to get into my machine.
Is your SSH accesible from public internet? I have several public
servers running SSH for remote admin and they are hamered by this crap
on regular basis.
If things are still random and your passwords are good enough (perhaps
you should consider ssh-keys!?) there's nothing to worry about. If your
server is in a private LAN, you should have a look at OSS like ntop and
snort to check what's going on.
BTW: firewall setups where the system check logs for failed connection
attemps and adds deny rules automatically are useless. The normal scans
are automated and with a good DOS attack a hacker could easily lock YOU
out of your servers.
just my 2 cents...
regards,
Philon
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/
email@hidden
This email sent to email@hidden
