[geeks] ssh attacks
Thomas Gallaway
rescue at port11.net
Wed Aug 11 13:08:22 CDT 2004
Gary Nichols wrote:
>On Wed, 11 Aug 2004, Thomas Gallaway wrote:
>
>
>>I have a box sitting next to me.
>>FreeBSD 4.10 connected to a public IP. Once I am done configuring it, it
>>will on successfull default login (using the defaults they use on the
>>probes) send me an email and also monitor everything that happens to the
>>box.
>>
>>I will be using ttysnoop to mirror all the data on the tty's to a serial
>>console connected to a 2nd box that is not connected to the network and
>>just logs the data coming from the serial ports.
>>The other serial port will dump auth.log. And if I can find a 3rd serial
>>cable it will dump messages.
>>
>>Anybody want to throw in usefull input?
>>
>>
>
>When you have some logged sessions, let me know. I have some fascinating
>stuff from LaBrae that has been keeping me up at night. More later.
>
>
With all the work @work I guess I should have everything configured on
friday or this weekend :-)
More information about the geeks
mailing list