HomePureFTPd attack not recognized

Reply to comment

PureFTPd attack not recognized

Wed, 2007–Jul–25

Hi,

I'm not an expert about hosts.allow & python.
Someone try to break my Ubuntu Feisty box.

/var/log/syslog
[snip]
Jul 25 22:52:40 blue pure-ftpd: (?@server.r20hosting.com) [INFO] New connection from server.r20hosting.com
Jul 25 22:52:40 blue pure-ftpd: (?@server.r20hosting.com) [INFO] PAM_RHOST enabled. Getting the peer address
Jul 25 22:52:41 blue pure-ftpd: (?@server.r20hosting.com) [WARNING] Authentication failed for user [Administrator]
Jul 25 22:52:42 blue pure-ftpd: (?@server.r20hosting.com) [WARNING] Authentication failed for user [Administrator]
Jul 25 22:52:43 blue pure-ftpd: (?@server.r20hosting.com) [INFO] PAM_RHOST enabled. Getting the peer address
Jul 25 22:52:44 blue pure-ftpd: (?@server.r20hosting.com) [INFO] PAM_RHOST enabled. Getting the peer address
Jul 25 22:52:45 blue pure-ftpd: (?@server.r20hosting.com) [INFO] PAM_RHOST enabled. Getting the peer address
[/snip]

It's not recognized because of the name in place of an IP. How can I correct this?

Thx,

Damien

Reply

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <b> <span> <pre> <hr>
  • Lines and paragraphs break automatically.
  • You may use [acidfree:xx] tags to display acidfree videos or images inline.
  • [l:URL text] input tags replaced with HTML links. URL may be Drupal internal path. [ Link Filter Tips ]

More information about formatting options