[Previo por Fecha] [Siguiente por Fecha] [Previo por Hilo] [Siguiente por Hilo]

[Hilos de Discusión] [Fecha] [Tema] [Autor]

[Linux] Ataque al FTP

Hola a todos.
He estado recibiendo un ataque como en descrito abajo a mi ftp.

Al parecer mi proftpd se ha comportado a la altura, pero me queda la duda de si podrán haber hecho algo.

No encuentro forma de bloquearlos, puesto que es desde diferentes partes del mundo. En este caso, Alemania y Chile.

¿Alguna idea o pista?

Saludos.
Adrián.


------------------------------------------------------------------
proftpd[11444]: paginas (217.226.204.200[217.226.204.200]) - SECURITY VIOLATION: root login attempted.
proftpd[11445]: paginas (217.226.204.200[217.226.204.200]) - SECURITY VIOLATION: root login attempted.
proftpd[11446]: paginas (217.226.204.200[217.226.204.200]) - USER user: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11447]: paginas (217.226.204.200[217.226.204.200]) - USER user: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11452]: paginas (217.226.204.200[217.226.204.200]) - USER guest: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11453]: paginas (217.226.204.200[217.226.204.200]) - USER guest: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11448]: paginas (217.226.204.200[217.226.204.200]) - ANON ftp: Login successful.
proftpd[11450]: paginas (217.226.204.200[217.226.204.200]) - ANON anonymous: Login successful.
proftpd[11449]: paginas (217.226.204.200[217.226.204.200]) - ANON ftp: Login successful.
proftpd[11451]: paginas (217.226.204.200[217.226.204.200]) - ANON anonymous: Login successful.
proftpd[11455]: paginas (217.226.204.200[217.226.204.200]) - SECURITY VIOLATION: root login attempted.
proftpd[11456]: paginas (217.226.204.200[217.226.204.200]) - SECURITY VIOLATION: root login attempted.
proftpd[11457]: paginas (217.226.204.200[217.226.204.200]) - USER user: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11458]: paginas (217.226.204.200[217.226.204.200]) - USER user: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11463]: paginas (217.226.204.200[217.226.204.200]) - USER guest: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11464]: paginas (217.226.204.200[217.226.204.200]) - USER guest: no such user found from 217.226.204.200 [217.226.204.200] to 10.1.1.2:21
proftpd[11460]: paginas (217.226.204.200[217.226.204.200]) - ANON ftp: Login successful.
proftpd[11459]: paginas (217.226.204.200[217.226.204.200]) - ANON ftp: Login successful.
proftpd[11461]: paginas (217.226.204.200[217.226.204.200]) - ANON anonymous: Login successful.
proftpd[11462]: paginas (217.226.204.200[217.226.204.200]) - ANON anonymous: Login successful.
proftpd[26602]: paginas (200.14.64.132[200.14.64.132]) - USER qwerty: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26603]: paginas (200.14.64.132[200.14.64.132]) - USER qwerty: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26604]: paginas (200.14.64.132[200.14.64.132]) - USER asdf: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26606]: paginas (200.14.64.132[200.14.64.132]) - USER asdf: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26605]: paginas (200.14.64.132[200.14.64.132]) - USER james: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26608]: paginas (200.14.64.132[200.14.64.132]) - USER 1234: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26607]: paginas (200.14.64.132[200.14.64.132]) - USER qwerty: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26609]: paginas (200.14.64.132[200.14.64.132]) - USER zxcvb: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26610]: paginas (200.14.64.132[200.14.64.132]) - USER zxcvb: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26611]: paginas (200.14.64.132[200.14.64.132]) - USER 123: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26613]: paginas (200.14.64.132[200.14.64.132]) - USER 123456: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26614]: paginas (200.14.64.132[200.14.64.132]) - USER temp: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26615]: paginas (200.14.64.132[200.14.64.132]) - USER 12345: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26616]: paginas (200.14.64.132[200.14.64.132]) - USER oracle: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26617]: paginas (200.14.64.132[200.14.64.132]) - USER 12345678: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26619]: paginas (200.14.64.132[200.14.64.132]) - USER user: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26618]: paginas (200.14.64.132[200.14.64.132]) - USER mysql (Login failed): Incorrect password.
proftpd[26621]: paginas (200.14.64.132[200.14.64.132]) - USER prueba: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26622]: paginas (200.14.64.132[200.14.64.132]) - USER 1234567: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21
proftpd[26623]: paginas (200.14.64.132[200.14.64.132]) - USER alumno: no such user found from 200.14.64.132 [200.14.64.132] to 10.1.1.2:21




Lista de correo linux en opensource org mx
Preguntas linux-owner en opensource org mx
http://www.opensource.org.mx/
[Hilos de Discusión] [Fecha] [Tema] [Autor]