Looks like normal "compromised host scans the entire internet" behaviour to
me.
From: users-bounces+spb=attenuate.org@???
[
mailto:users-bounces+spb=attenuate.org@lists.bitfolk.com] On Behalf Of Max
B
Sent: 10 November 2013 21:47
To: users@???
Subject: Re: [bitfolk] default behaviour of Debian /etc/login.defs does not
log to /var/log/sulog
:)
dunno, Alex.
1443 attempts over a 5 day period, including:
264 attempts at 'postgres'
574 attempts at 'oracle'
585 at 'nagios'
15 at 'tesztuser'
from 37.187.75.221
aka duhless.net
http://vk.com/duhlessnet
http://wa-com.com/duhless.net
A registry in Russia, anonymized by an Australian outfit
Who buy service from ovh.net in France.
Stalked, or repeatedly scanned by a compromised box?
It looks intentional, not compromised, to me.
Le Dimanche 10 novembre 2013 22h18, Alex Smith <alex@???> a écrit
:
On Sun, Nov 10, 2013 at 7:21 PM, Max B <txtmb@???> wrote:
Recently, I have been stalked by a user at ovh.net . They seem to be
well-financed and persistent.
Stalked, or repeatedly scanned by a compromised box?
_______________________________________________
users mailing list
users@???
https://lists.bitfolk.com/mailman/listinfo/users
