SSH attacks by Java / 2017-07-16

Koos van den Hout

2017-07-16 SSH attacks by Java 4 years ago

Jul 16 04:17:01 greenblatt sshd[9365]: reverse mapping checking getaddrinfo for 121-124-124-73.youiwe.co.kr [121.124.124.73] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul 16 04:17:01 greenblatt sshd[9365]: Invalid user 1234 from 121.124.124.73
Jul 16 04:17:01 greenblatt sshd[9365]: input_userauth_request: invalid user 1234 [preauth]
Jul 16 04:17:01 greenblatt sshd[9365]: Received disconnect from 121.124.124.73: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
That last bit is not from my sshd but an error message related to a java library for ssh, as noted in Reasons for com.jcraft.jsch.JSchException: Auth fail | Maximilian Böhm which correctly notes that attacks are a reason.

Tags: english, linux, security

IPv6 check

Running test...

SSH attacks by Java / 2017-07-16

Koos van den Hout

IPv6 check

Archive